Sindbad~EG File Manager
<?php
session_start();
include 'conn.php';
include 'manage-common1.php';
// Define pagination variables
$items_per_page = 10; // Number of items to display per page
$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;
$offset = ($page - 1) * $items_per_page;
function handle_file_upload($file) {
$target_dir = "assets/img/products/"; // Directory to store images
$date_prefix = date("d-m-y-H-i-s"); // Unique name based on date
$original_name = basename($file["name"]);
$file_extension = strtolower(pathinfo($original_name, PATHINFO_EXTENSION));
$new_file_name = $date_prefix . '-' . $original_name; // Create unique file name
$target_file = $target_dir . $new_file_name; // Final file path
// Check if file is an image
$check = getimagesize($file["tmp_name"]);
if ($check === false) {
return "File is not an image.";
}
// Check file size (limit to 5MB)
if ($file["size"] > 5000000) {
return "Sorry, your file is too large.";
}
// Allow certain file formats (jpg, jpeg, png, gif)
if (!in_array($file_extension, ["jpg", "jpeg", "png", "gif"])) {
return "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
}
// Attempt to move the uploaded file
if (move_uploaded_file($file["tmp_name"], $target_file)) {
return $target_file; // Return the file path for the uploaded image
} else {
return "Sorry, there was an error uploading your file.";
}
}
// Add Item
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_item'])) {
function sanitize($data) {
return htmlspecialchars(strip_tags(trim($data)));
}
$name = sanitize($_POST['name']);
$description = sanitize($_POST['description']);
$price = sanitize($_POST['price']);
$category = sanitize($_POST['category']);
$availability = sanitize($_POST['availability']);
$image_url = ''; // Initialize image URL
// If file was uploaded, process the file upload
if (isset($_FILES['image_url']) && $_FILES['image_url']['error'] === UPLOAD_ERR_OK) {
$uploaded_file = handle_file_upload($_FILES['image_url']);
if (strpos($uploaded_file, "Sorry") === 0) { // Error checking
echo "<p class='text-danger'>$uploaded_file</p>";
} else {
$image_url = $uploaded_file; // Set the image URL path if upload is successful
}
}
// Prepare SQL query to insert data
$sql = "INSERT INTO menu_items (category_id, name, description, price, image_url, availability) VALUES (?, ?, ?, ?, ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("isssss", $category, $name, $description, $price, $image_url, $availability); // Bind parameters
if ($stmt->execute()) {
header("Location: manage-menu.php");
exit();
} else {
echo "Error: Unable to add item.";
}
$stmt->close();
}
// Edit Item
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit_item'])) {
function sanitize($data) {
return htmlspecialchars(strip_tags(trim($data)));
}
$item_id = $_POST['edit_id'];
$name = sanitize($_POST['edit_name']);
$description = sanitize($_POST['edit_description']);
$price = sanitize($_POST['edit_price']);
$category = sanitize($_POST['edit_category']);
$availability = sanitize($_POST['edit_availability']);
$image_url = htmlspecialchars($_POST['edit_image_url']); // Retain existing image URL
// If a new file was uploaded, handle the file upload
if (isset($_FILES['edit_image_url']) && $_FILES['edit_image_url']['error'] === UPLOAD_ERR_OK) {
$uploaded_file = handle_file_upload($_FILES['edit_image_url']);
if (strpos($uploaded_file, "Sorry") === 0) {
echo "<p class='text-danger'>$uploaded_file</p>";
} else {
$image_url = $uploaded_file; // Set the new image URL
}
}
// Prepare SQL query to update data
$sql = "UPDATE menu_items SET category_id=?, name=?, description=?, price=?, image_url=?, availability=? WHERE item_id=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("isssssi", $category, $name, $description, $price, $image_url, $availability, $item_id); // Bind parameters
if ($stmt->execute()) {
header("Location: manage-menu.php");
exit();
} else {
echo "Error: Unable to edit item.";
}
$stmt->close();
}
// Delete Menu Item
if ($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['delete_item_id'])) {
$item_id = $_GET['delete_item_id'];
$sql = "DELETE FROM menu_items WHERE item_id=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("i", $item_id);
if ($stmt->execute()) {
header("Location: manage-menu.php");
exit();
} else {
echo "Error: Unable to delete item.";
}
$stmt->close();
}
// Fetch Categories for Dropdown
$categories = $conn->query("SELECT category_id, name FROM categories");
// Fetch Menu Items with Pagination
$total_items_result = $conn->query("SELECT COUNT(*) as total FROM menu_items");
$total_items = $total_items_result->fetch_assoc()['total'];
$total_pages = ceil($total_items / $items_per_page);
$sql = "SELECT * FROM menu_items LIMIT ? OFFSET ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ii", $items_per_page, $offset);
$stmt->execute();
$menu_items = $stmt->get_result();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<title>Menu Management</title>
</head>
<body>
<?php include 'manage-nav.php';?>
<!-- Add Modal -->
<div class="modal fade" id="addModal" tabindex="-1" aria-labelledby="addModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="addModalLabel">Add Item</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<form method="post" action="manage-menu.php" enctype="multipart/form-data">
<div class="mb-3">
<label for="name" class="form-label">Item Name</label>
<input type="text" id="name" name="name" class="form-control" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description</label>
<textarea id="description" name="description" class="form-control" required></textarea>
</div>
<div class="mb-3">
<label for="price" class="form-label">Price</label>
<input type="number" id="price" name="price" class="form-control" step="0.01" required>
</div>
<div class="mb-3">
<label for="category" class="form-label">Category</label>
<select id="category" name="category" class="form-select" required>
<?php while ($row = $categories->fetch_assoc()) { ?>
<option value="<?= $row['category_id'] ?>"><?= $row['name'] ?></option>
<?php } ?>
</select>
</div>
<div class="mb-3">
<label for="availability" class="form-label">Availability</label>
<select id="availability" name="availability" class="form-select" required>
<option value="available">Available</option>
<option value="not available">Not Available</option>
</select>
</div>
<div class="mb-3">
<label for="image_url" class="form-label">Image</label>
<input type="file" id="image_url" name="image_url" class="form-control" accept="image/*">
</div>
<button type="submit" name="add_item" class="btn btn-primary">Add Item</button>
</form>
</div>
</div>
</div>
</div>
<!-- Edit Modal -->
<div class="modal fade" id="editModal" tabindex="-1" aria-labelledby="editModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="editModalLabel">Edit Item</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<form method="post" action="manage-menu.php" enctype="multipart/form-data">
<input type="hidden" id="edit_id" name="edit_id">
<div class="mb-3">
<label for="edit_name" class="form-label">Item Name</label>
<input type="text" id="edit_name" name="edit_name" class="form-control" required>
</div>
<div class="mb-3">
<label for="edit_description" class="form-label">Description</label>
<textarea id="edit_description" name="edit_description" class="form-control" required></textarea>
</div>
<div class="mb-3">
<label for="edit_price" class="form-label">Price</label>
<input type="number" id="edit_price" name="edit_price" class="form-control" step="0.01" required>
</div>
<div class="mb-3">
<label for="edit_category" class="form-label">Category</label>
<select id="edit_category" name="edit_category" class="form-select" required>
<?php $categories->data_seek(0); while ($row = $categories->fetch_assoc()) { ?>
<option value="<?= $row['category_id'] ?>"><?= $row['name'] ?></option>
<?php } ?>
</select>
</div>
<div class="mb-3">
<label for="edit_availability" class="form-label">Availability</label>
<select id="edit_availability" name="edit_availability" class="form-select" required>
<option value="available">Available</option>
<option value="not available">Not Available</option>
</select>
</div>
<div class="mb-3">
<label for="edit_image_url" class="form-label">Image</label>
<input type="file" id="edit_image_url" name="edit_image_url" class="form-control" accept="image/*">
</div>
<button type="submit" name="edit_item" class="btn btn-primary">Save Changes</button>
</form>
</div>
</div>
</div>
</div>
<div class="container mt-5">
<h1 class="mb-4">Product Management</h1>
<!-- Add New Item Button, only visible if logged in -->
<?php if ($logged_in) { ?>
<button type="button" class="btn btn-primary mb-4" data-bs-toggle="modal" data-bs-target="#addModal">
Add New Item
</button>
<?php } ?>
<table class="table">
<thead>
<tr>
<th>Name</th>
<th>Description</th>
<th>Price</th>
<th>Category</th>
<th>Image</th>
<th>Availability</th> <!-- New Column -->
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php while ($item = $menu_items->fetch_assoc()) { ?>
<tr>
<td><?= htmlspecialchars($item['name']) ?></td>
<td><?= htmlspecialchars($item['description']) ?></td>
<td>₹<?= number_format((float)$item['price'], 2, '.', '') ?></td>
<td>
<?php
$cat_sql = "SELECT name FROM categories WHERE category_id=?";
$cat_stmt = $conn->prepare($cat_sql);
$cat_stmt->bind_param("i", $item['category_id']);
$cat_stmt->execute();
$cat_result = $cat_stmt->get_result();
$category = $cat_result->fetch_assoc();
echo htmlspecialchars($category['name']);
$cat_stmt->close();
?>
</td>
<td>
<?php if (!empty($item['image_url'])) { ?>
<img src="<?= htmlspecialchars($item['image_url']) ?>" alt="<?= htmlspecialchars($item['name']) ?>" width="100">
<?php } ?>
</td>
<td><?= htmlspecialchars($item['availability']) ?></td> <!-- New Data -->
<td>
<?php if ($logged_in) { ?>
<button type="button" class="btn btn-warning btn-sm" data-bs-toggle="modal" data-bs-target="#editModal" onclick="populateEditModal(<?= $item['item_id'] ?>, '<?= addslashes($item['name']) ?>', '<?= addslashes($item['description']) ?>', <?= $item['price'] ?>, <?= $item['category_id'] ?>, '<?= addslashes($item['image_url']) ?>', '<?= addslashes($item['availability']) ?>')">
Edit
</button>
<a href="?delete_item_id=<?= $item['item_id'] ?>" class="btn btn-danger btn-sm" onclick="return confirm('Are you sure you want to delete this item?')">Delete</a>
<?php } ?>
</td>
</tr>
<?php } ?>
</tbody>
</table>
<nav>
<ul class="pagination">
<li class="page-item <?= ($page <= 1) ? 'disabled' : '' ?>">
<a class="page-link" href="?page=<?= $page - 1 ?>">Previous</a>
</li>
<?php for ($i = 1; $i <= $total_pages; $i++) { ?>
<li class="page-item <?= ($i == $page) ? 'active' : '' ?>">
<a class="page-link" href="?page=<?= $i ?>"><?= $i ?></a>
</li>
<?php } ?>
<li class="page-item <?= ($page >= $total_pages) ? 'disabled' : '' ?>">
<a class="page-link" href="?page=<?= $page + 1 ?>">Next</a>
</li>
</ul>
</nav>
</div>
<script>
document.addEventListener('DOMContentLoaded', function () {
// Show login modal if the user is not logged in
<?php if (!$logged_in) { ?>
var loginModal = new bootstrap.Modal(document.getElementById('loginModal'));
loginModal.show();
<?php } ?>
window.populateEditModal = function(id, name, description, price, category, image_url, availability) {
document.getElementById('edit_id').value = id;
document.getElementById('edit_name').value = name;
document.getElementById('edit_description').value = description;
document.getElementById('edit_price').value = price;
document.getElementById('edit_category').value = category;
document.getElementById('edit_image_url').value = image_url;
document.getElementById('edit_availability').value = availability; // Update this line
}
});
</script>
<?php include 'footer-manage.php'?>
</body>
</html>
<?php
$conn->close();
?>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists