I created a admin page for adding editing and deleting items for making a e commerce site.
Adding items is fine but can't seem to delete them. It does not show an error but I included a print_r($sql); and prints an error
<?php
session_start();//works with session cookies, helps have persistant data i.e. if user is not logged in there will be no session variable
if(!isset($_SESSION["manager"])){//if it does not set session manager send it to the file location
header("location:admin_login.php");
exit();
}
//error reporting
error_reporting(E_ALL);
ini_set('display_erors', '1');
// be sure to check that this manager session value is infact in the database.
$managerID = preg_replace('#[0-9]#i','',$_SESSION["id"]);//filter everything but numbers and letters
$password = preg_replace('#[A-Za-z0-9]#i','',$_SESSION["manager"]);//filter everything but numbers and letters
$manager = preg_replace('#[A-Za-z0-9]#i','',$_SESSION["manager"]);//filter everything but numbers and letters
//run mySQL query to be sure that this person is an admin and that their password session var equals the databse information
//connects to databse
include_once '../store/connect.php';
$sql = "SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password = '$password'";//selecting data from databse
$result = mysql_query($sql);//selecting data from databse
$existCount = mysql_num_rows($result);// count the row numbers
if($existCount == 0){//evaluates the count
while($row = mysql_fetch_array($result)){
$id = $row["id"];
echo "your login session data is not on record in the database";
exit();
}
// delets the item questio to Admin and delete product if they choose
if(isset($_GET['deleteid'])){//targets the url variable
// echo out question to double check if admin wants to delete item
echo'Do you really want to delete product with ID of'.$_GET['deleteid'].'?
<a href="inventory_list.php?yesdelete='.$_GET['deleteid'].'">Yes</a>|
<a href="inventory_list.php">No</a>';
exit();
}
if(isset($_GET['yesdelete'])){
//remove item from system and delete its picture
// delete from database
print_r($sql);
$id_to_delete = $_GET['yesdelete'];
$sql = "DELETE FROM products WHERE id='$id_to_delete" or die(mysql_error());
$result = mysql_query ($sql);
//unlink the image from server
//Remove The Pic ----------------
$pictodelete = ("../inventory_images/$id_to_delete.jpg");//delete picture from folder
if(file_exists($pictodelete)){//makes sure file exists
unlink($pictodelete);// unlinks picture
}
header("location:inventory_list.php");//helps to refresh page after uploaded file
}
if(isset($_POST['product_name']))
{ //makes sure user has pressed the submit form
//mysql escape string function to filter the data before sending to the database
$product_name = mysql_real_escape_string($_POST['product_name']);
$price = mysql_real_escape_string($_POST['price']);
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$details = mysql_real_escape_string($_POST['details']);
// see if that product name is an identical match to another product in the system
$sql = "SELECT id FROM products WHERE product_name='$product_name'";
$result = mysql_query($sql);
$productMatch = mysql_num_rows($result);//count the output amount
if($productMatch > 0)
{
echo 'sorry you tried to place a duplicate "Product Name " into the system, <a href="inventory_list.php">click here </a>';
}
else
{
//Add this product into the database now
$sql = "INSERT INTO products (product_name, price, details, category, subcategory, date_added_date)
VALUES ('$product_name', '$price', '$details', '$category', '$subcategory', now())" or die (mysql_error());
$result = mysql_query ($sql);
#now means add todays date once inserted image
$pid = mysql_insert_id();
//place image in the folder
$newname = "$pid.jpg";//product id image name
move_uploaded_file($_FILES['fileField']['tmp_name'], "../inventory_images/$newname");
//global variable go to given path
header("location:inventory_list.php");//helps to refresh page after uploaded file
//exit();
}
}
// This block grabs the whole list for viewing
$product_list="";
$sql = "SELECT * FROM products ORDER BY date_added_date ASC";
$result = mysql_query($sql);
$productCount = mysql_num_rows($result);// count output amount
if($productCount > 0 )
{// if greater then 0, should ouput the product list from database
while($row = mysql_fetch_array($result)){//access all of the rows that come out on each field to gain access
$id = $row ["id"];
$product_name = $row["product_name"];
$date_added = strftime("%b %d, %y", strtotime($row["date_added_date"]));//formats date
$product_list .= "$date_added -$id - $product_name
<a href='inventory_edit.php?pid=$id'>edit</a>
•<a href='inventory_list.php?deleteid=$id'> delete</a><br />";//sends pid variable to the item value
}
}else{
$product_list="you have no products listed in your store yet";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Inventory List</title>
<link href="../style.css" rel="stylesheet" type="text/css" />
</head>
<div align="center" id="mainWrapper">
<?php include_once'../template_header.php'?>
<div id="pageContent"><br />
<div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm"> +add new store item</a></div>
<div align="left" style="margin-left 24px">
<h2>Inventory list</h2>
<?php echo $product_list;?>
</div>
<a name="inventoryForm" id="inventoryForm"></a>
<h3>↓Add new Inventory Item Form↓</h3>
<form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myForm" method="post">
<table width="90%" border="0" cellspacing="0" cellpadding="6">
<tr>
<td width="20%">Product Name</td>
<td width="80%">
<label>
<input name="product_name" type="text" id="textfield" size="12" /></label></td>
</tr>
<tr>
<td>Product Price</td>
<td><label>
$
<input name="price" type="text" id="textfield" size="12" /></label></td>
</tr>
<tr>
<td align="right">Category</td>
<td><label>
<select name="category" id="category">
<option value="Clothing">Clothing</option>
<option value="Electronics"></option>
</select>
</label></td>
</tr>
<tr>
<td>Subcategory</td>
<td><label>
<select name="subcategory" id="subcategory">
<option value="Hats">Hats</option>
<option value="Pants">Pants</option>
<option value="Shirts">Shirts</option>
</select>
</label></td>
</tr>
<tr>
<td>Product Details</td>
<td><label>
<input name="details" id="textarea" cols="64" rows="6" /></textarea></label></td>
</tr>
<tr>
<td>Product Image </td>
<td><label>
<input type="file" name="fileField" id="filefield" /></label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input type="submit" name="button" id="button" value="Add This item Now"
onclick="javascript:return validateMyForm();" /></td>
</label>
</tr>
</table>
</form>
<br />
<br />
<br />
<?php include_once'../template_footer.php'?>
<body>
<script type="text/javascript" language="javascript">
// By Adam Khoury @ www.developphp.com
function validateMyForm ( ) {
var isValid = true;
if ( document.myForm.product_name.value == "" ) {
alert ( "Please type your Name" );
isValid = false;
} else if ( document.form1.uName.value.length < 8 ) {
alert ( "Your name must be at least 8 characters long" );
isValid = false;
} else if ( document.form1.uEmail.value == "" ) {
alert ( "Please type your Email" );
isValid = false;
} else if ( document.form1.uCity.value == "" ) {
alert ( "Please type your City" );
isValid = false;
}
return isValid;
}
</script>
</body>
</html>
error
Warning: Cannot modify header information - headers already sent by (output started at F:\root\xampplite\htdocs\Ecomm\storeadmin\inventory_list.php:51) in F:\root\xampplite\htdocs\Ecomm\storeadmin\inventory_list.php on line 61
Hope you guys can show me where and how to fix the error
thanks :)