
Product Update Page will not store information to dB

id4382 asked:
Hello everyone,

I am having an issue with my product update page in admin back-end. This was a customer designed website from a vendor that is no longer in business. So I have taken over and have limited PHP knowledge.

From what I can tell, after I make any changes needed and click submit, the page reloads to the product list screen. But if I go back to view the product, I see that none of the update information has been changed.

Please help! Thanks!
function productInsert($product,$photo){ // {{{
  global $db_username,$db_password,$db_server,$db_name;	
  $valid_keys = array(
    'sku',
    'pentad_sku',
    'newsku',
    'name', 
    'overview', 
    'experience', 
    'specifications', 
    'assembly',
    'capactiy',  
    'application',  
    'additional',  
    'weight', 
    'true_cost', 
    'public_price', 
    'sale_price', 
    'keywords', 
    'category', 
    'list_weight',
    'family'
  );
  $valid_empty = array_fill_keys($valid_keys, NULL);
  $product = array_intersect_key(($product + $valid_empty),$valid_empty);
  $required_keys = array(
      'sku',
      'name',
      'family',
      'weight',
      'public_price'
  );
  foreach ($required_keys as $key) {
      if ($product[$key] == NULL) {
          $product['fail'][] = $key;
      }
  }
  if ($product['fail']) {
      return $product;
  }
  if ($query=mysql_query("SELECT id FROM products WHERE sku='$product[sku]'")){
    $id_array=mysql_fetch_array($query);
	$id=$id_array['id'];
  }
  #fix for preventing orphan products by checking if a requested family already has a parent
  if ($query=mysql_query("SELECT parent FROM products WHERE family='$product[family]'")){
    if(mysql_num_rows($query) == 0){
	$parent="1";
    }
  }
  #also added '$parent' at the end of VALUES block below, so the value gets passed into the db if it is set
  #endfix
  mysql_query("
    INSERT 
	products (
	  id,	
	  sku,
	  pentad_sku,
	  name,
	  overview,
	  experience,
	  specifications,
          assembly,
          capacity,
          application,
          additional,
	  weight,
	  true_cost,
	  public_price,
	  sale_price,
	  keywords,
	  category,
          list_weight,
	  family,
	  parent
    ) 
	VALUES (
	  '$id',
	  '$product[sku]',
	  '$product[pentad_sku]',
	  '$product[name]',
	  '$product[overview]',
	  '$product[experience]',
	  '$product[specifications]',
	  '$product[assembly]',
	  '$product[capacity]',
	  '$product[application]',
	  '$product[additional]',
	  '$product[weight]',
	  '$product[true_cost]',
	  '$product[public_price]',
	  '$product[sale_price]',
	  '$product[keywords]',
	  '$product[category]',
	  '$product[list_weight]',
	  '$product[family]',
	  '$parent'
    ) 
	ON DUPLICATE KEY UPDATE 
	  sku='$product[sku]',
	  pentad_sku='$product[pentad_sku]',
	  name='$product[name]',
	  overview='$product[overview]',
	  experience='$product[experience]',
	  specifications='$product[specifications]',
	  assembly='$product[assembly]',
	  capacity='$product[capacity]',
	  application='$product[application]',
	  additional='$product[additional]',
	  weight='$product[weight]',
	  true_cost='$product[true_cost]',
	  public_price='$product[public_price]',
	  sale_price='$product[sale_price]',
	  keywords='$product[keywords]',
	  category='$product[category]',
	  list_weight='$product[list_weight]'
	  family='$product[family]'
	  ");
  // echo mysql_error();
  $num=1;  
  foreach($photo as $each => $values){
  //echo "each=".$photo[$each]['tmp_name'];    
  if ($photo[$each]['tmp_name']){ 
      $image_full = new Imagick($photo[$each]['tmp_name']);
      if ($image_full->getImageWidth() >= "1000"){
        $image_full->adaptiveResizeImage(1000,1000,true);
      }
	  $im_thumb1 = new Imagick($photo[$each]['tmp_name']);
	  $im_thumb1->adaptiveResizeImage(64,39);
	  $im_thumb1->roundCorners(3,3);
	  $im_thumb1_sh = $im_thumb1->clone();
	  $im_thumb1_sh->setImageBackgroundColor( new ImagickPixel( 'black' ) );
	  $im_thumb1_sh->shadowImage( 80, 1, 1, 2 );
	  $im_thumb1_sh->compositeImage( $im_thumb1, Imagick::COMPOSITE_OVER, 0, 0 );
	  $image_thumb1 = $im_thumb1_sh->clone();
	  $image_thumb1->colorFloodFillImage('#FFFFFF', 100, '#777777', 0, 0);
	  $image_thumb1->compositeImage($im_thumb1_sh, Imagick::COMPOSITE_OVER, 0, 0);
	  $image_thumb1->setImageFormat('jpeg');
	  $image_thumb1->flattenImages();
	  $im_thumb2 = new Imagick($photo[$each]['tmp_name']);
	  $im_thumb2->adaptiveResizeImage(134,88);
	  $im_thumb2->roundCorners(5,5);
	  $im_thumb2_sh = $im_thumb2->clone();
	  $im_thumb2_sh->setImageBackgroundColor( new ImagickPixel( 'black' ) );
	  $im_thumb2_sh->shadowImage( 80, 1, 1, 5 );
	  $im_thumb2_sh->compositeImage( $im_thumb2, Imagick::COMPOSITE_OVER, 0, 0 );
	  $image_thumb2 = $im_thumb2_sh->clone();
	  $image_thumb2->colorFloodFillImage('#FFFFFF', 100, '#777777', 0, 0);
	  $image_thumb2->compositeImage($im_thumb2_sh, Imagick::COMPOSITE_OVER, 0, 0);
	  $image_thumb2->setImageFormat('jpeg');
	  $image_thumb2->flattenImages();
	  $im_thumb3 = new Imagick($photo[$each]['tmp_name']);
	  $im_thumb3->setImageBackgroundColor( new ImagickPixel( 'white' ) );
	  $im_thumb3->adaptiveResizeImage(199,136);
	  $im_thumb3->roundCorners(5,5);
	  $im_thumb3_sh = $im_thumb3->clone();
	  $im_thumb3_sh->setImageBackgroundColor( new ImagickPixel( 'black' ) );
	  $im_thumb3_sh->shadowImage( 80, 1, 1, 5 );
	  $im_thumb3_sh->compositeImage( $im_thumb3, Imagick::COMPOSITE_OVER, 0, 0 );
	  $image_thumb3 = $im_thumb3_sh->clone();
	  $image_thumb3->colorFloodFillImage('#FFFFFF', 100, '#777777', 0, 0);
	  $image_thumb3->compositeImage($im_thumb3_sh, Imagick::COMPOSITE_OVER, 0, 0);
	  $image_thumb3->setImageFormat('jpeg');
	  $image_thumb3->flattenImages();

	  $connect = new mysqli($db_server, $db_username, $db_password, $db_name);
      $queryline = "UPDATE products SET
		  image".$num."_full = ?,
		  image".$num."_thumb1 = ?,
		  image".$num."_thumb2 = ?,
		  image".$num."_thumb3 = ?
          WHERE id = ?";
          //echo $queryline;
      if ($query = $connect->prepare($queryline)) {
		  $null = NULL;
		  $query->bind_param('bbbbi',$null,$null,$null,$null,$id);
          //echo $id;
          $query->send_long_data(0, $image_full);
          //var_dump($image_full);
		  unset($image_full);
		  $query->send_long_data(1, $image_thumb1);
		  unset($image_thumb1);
		  $query->send_long_data(2, $image_thumb2);
		  unset($image_thumb2);
		  $query->send_long_data(3, $image_thumb3);
		  unset($image_thumb3);
          $query->execute();
      } else {
          printf("Errormessage: %s\n", $connect->error);
          printf("Errormessage: %s\n", $connect->sqlstate);
          printf("Errormessage: %s\n", $connect->dump_debug_info);
	  }
    }
          $num++;
  }
} //}}}
function productEdit($product = NULL, $fail=NULL){ //{{{
  //var_dump($fail);
?>
      <form method="post" enctype="multipart/form-data" action="/admin/product/insert">
        <input type="hidden" name="sku" value="<? echo $product['sku'] ?>">
        <label>SKU:</label><input type="text" name="sku" value="<? echo $product['sku'] ?>">
        <label>Pentad SKU:</label><input type="text" name="pentad_sku" value="<? echo $product['pentad_sku'] ?>">
        <p class="name">
          <label>Name:</label>
          <input type="text" name="name" value="<? echo $product['name'] ?>">
        </p>
      <? if ($fail && !$product['name']) { ?>
        <p class="error">* Please enter a name before submitting.</p>
      <? } ?>
        <p class="overview">
          <label>Overview:</label>
          <textarea name="overview"><? echo $product['overview'] ?></textarea>
        </p>
      <? //if ($fail && !$product['overview']) { ?>
        <!-- <p class="error">* Please enter a descriptive product overview before submitting.</p> -->
      <? //} ?>
        <p class="experience">
          <label>Experience:</label>
          <textarea name="experience"><? echo $product['experience'] ?></textarea>
        </p>
        <p class="specifications">
          <label>Specifications:</label>
          <textarea name="specifications"><? echo $product['specifications'] ?></textarea>
        </p>
        <p class="assembly">
          <label>Assembly:</label>
          <textarea name="assembly"><? echo $product['assembly'] ?></textarea>
        </p>
        <p class="capacity">
          <label>Capacity:</label>
          <textarea name="capacity"><? echo $product['capacity'] ?></textarea>
        </p>
        <p class="application">
          <label>Application:</label>
          <textarea name="application"><? echo $product['application'] ?></textarea>
        </p>
        <p class="additional">
          <label>Aditional:</label>
          <textarea name="additional"><? echo $product['additional'] ?></textarea>
        </p>
        <p class="weight">
          <label>Weight:</label>
          <input type="text" name="weight" value="<? echo $product['weight'] ?>">
        </p>
      <? if ($fail && !$product['weight']) { ?>
        <p class="error">* Please enter a weight before submitting.</p>
      <? } ?>
        <p class="true_cost">
          <label>True Cost:</label>
          <input type="text" name="true_cost" value="<? echo $product['true_cost'] ?>">
        </p>
      <? if ($fail && !$product['true_cost']) { ?>
        <p class="error">* Please enter a true cost before submitting.</p>
      <? } ?>
        <p class="public_price">
          <label>Public Price:</label>
          <input type="text" name="public_price" value="<? echo $product['public_price'] ?>">
        </p>
      <? if ($fail && !$product['public_price']) { ?>
        <p class="error">* Please enter a public price before submitting.</p>
      <? } ?>
        <p class="sale_price">
          <label>Sale Price:</label>
          <input type="text" name="sale_price" value="<? echo $product['sale_price'] ?>">
        </p>
        <p class="keywords">
          <label>Keywords:</label>
          <input type="text" name="keywords" value="<? echo $product['keywords'] ?>">
        </p>
      <? if ($fail && !$product['keywords']) { ?>
        <p class="error">* Please enter at least one keyword before submitting.</p>
      <? } ?>
        <p class="category">
          <label>Category:</label>
          <select name="category" value="<? echo $product['category'] ?>">
          <?
	   $query = mysql_query('SELECT * FROM categories');
	   while ($current_row = mysql_fetch_array($query)){
           ?>
	    <option <? if ($product['category'] == $current_row['category']){ ?>selected="selected"<? } ?> value="<? echo $current_row['category']?>"><? echo $current_row['category_name'] ?></option>
            <? } ?>
	  </select>
        </p>
      <? if ($fail && !$product['category']) { ?>
        <p class="error">* Please choose a category before submitting.</p>
      <? } ?>
      	<p id="list_weight">
          <label>List Weight:</label>
      	  <input type="text" name="list_weight" value="<? echo $product['list_weight'] ?>">
        </p>
      	<p id="family">
          <label>Product Family:</label>
      	  <input type="text" name="family" value="<? echo $product['family'] ?>">
        </p>
        <label>Primary Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/1/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo1">
        </p>
        <label>Second Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/2/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo2">
        </p>
        <label>Third Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/3/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo3">
        </p>
        <label>Fourth Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/4/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo4">
        </p>
        <label>Fifth Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/5/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo5">
        </p>
        <input class="submit" type="submit" value="Submit to Database">
      </form>
      <?
} // }}}
function productValidate($product){ // {{{
  $valid_keys = array(
    'sku',
    'pentad_sku',
    'newsku',
	'name', 
	'overview', 
	'experience', 
	'specifications', 
	'assembly', 
	'weight', 
	'true_cost', 
	'public_price', 
	'sale_price', 
	'keywords', 
	'category',
	'family' 
  );
  $required_keys = array(
    'sku',
    'name',
    'weight',
    'true_cost',
    'public_price',
    'keywords',
    'category'
  );
  $valid_empty = array_fill_keys($valid_keys, NULL);
  $product = array_intersect_key(($product + $valid_empty),$valid_empty);
  foreach ($required_keys as $req) {
	if ($product[$req] == NULL) {
		return false;
	}
  }
  return true;
}//}}}
function productFlag($post){ // {{{
  $post['sku_list'] = preg_replace('/,$/','',$post['sku_list']);
  $products = explode(',',$post['sku_list']);
  foreach($products as $sku){
      $parent_name='parent|'.$sku;
      $featured_name='parent|'.$sku;
      $enabled_name='enabled|'.$sku;
      if ($post[$enabled_name]){
         mysql_query("UPDATE products SET enabled=true WHERE sku='$sku'");
      } else {
          mysql_query("UPDATE products SET enabled=false WHERE sku='$sku'");
      }
      if ($post[$parent_name] && $post[$featured_name]){
          mysql_query("UPDATE products SET parent=true,featured=true WHERE sku='$sku'");
      } else if ($post[$parent_name]){
          mysql_query("UPDATE products SET parent=true WHERE sku='$sku'");
      } else if ($post[$featured_name]){
          mysql_query("UPDATE products SET featured=true WHERE sku='$sku'");
      } else {
          mysql_query("UPDATE products SET parent=NULL,featured=NULL WHERE sku='$sku'");
      }
    }  
}//}}}


Commented:
I think you should have an error message somewhere, which is probably hidden because of the php config. Have you checked the value of the variables in the middle of the function? (E.g. check whether $product is properly set when you call the method.)
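
The point made in the comment above, that an error is being hidden, shown as an added example (not part of the thread or the site's code): in the posted `productInsert()` the result of `mysql_query()` is never checked, `echo mysql_error()` is commented out, and admin.php redirects to the product list whether or not the write succeeded. The sketch below uses PDO prepared statements with exceptions enabled and reports success only when the write succeeded. It assumes a UNIQUE index on `products.sku`; `productUpsert()`, `handleSave()` and the sample rows are constructed for illustration, and in-memory SQLite stands in for MySQL so the demo runs without a server.

```php
<?php
// Added example; not the site's code. Column names follow the posted
// productInsert(). Assumption: products.sku carries a UNIQUE index.
const PRODUCT_COLUMNS = [
    'sku', 'pentad_sku', 'name', 'overview', 'experience', 'specifications',
    'assembly', 'capacity', 'application', 'additional', 'weight',
    'true_cost', 'public_price', 'sale_price', 'keywords', 'category',
    'list_weight', 'family',
];
const REQUIRED_COLUMNS = ['sku', 'name', 'family', 'weight', 'public_price'];

/** Insert or update one product. Returns the missing required fields, if any. */
function productUpsert(PDO $pdo, array $input): array
{
    // Keep only whitelisted scalar values; empty strings count as missing.
    $row = [];
    foreach (PRODUCT_COLUMNS as $col) {
        $v = $input[$col] ?? null;
        $row[$col] = (is_scalar($v) && $v !== '') ? (string) $v : null;
    }
    $missing = array_values(array_filter(REQUIRED_COLUMNS, fn($c) => $row[$c] === null));
    if ($missing) {
        return $missing;
    }

    // Column list, placeholders and UPDATE clause all come from the same
    // array via implode(), so names cannot drift and separators cannot be lost.
    $cols      = implode(', ', PRODUCT_COLUMNS);
    $marks     = implode(', ', array_map(fn($c) => ":$c", PRODUCT_COLUMNS));
    $updatable = array_diff(PRODUCT_COLUMNS, ['sku']);
    if ($pdo->getAttribute(PDO::ATTR_DRIVER_NAME) === 'mysql') {
        $set = implode(', ', array_map(fn($c) => "$c = VALUES($c)", $updatable));
        $sql = "INSERT INTO products ($cols) VALUES ($marks) ON DUPLICATE KEY UPDATE $set";
    } else {
        // SQLite upsert syntax, used here only for the offline demo.
        $set = implode(', ', array_map(fn($c) => "$c = excluded.$c", $updatable));
        $sql = "INSERT INTO products ($cols) VALUES ($marks) ON CONFLICT(sku) DO UPDATE SET $set";
    }

    // Values travel as bound parameters, never as part of the SQL text.
    $pdo->prepare($sql)->execute($row);
    return [];
}

/** Decide what the controller should do next (hypothetical helper). */
function handleSave(PDO $pdo, array $post): string
{
    try {
        $missing = productUpsert($pdo, $post);
    } catch (PDOException $e) {
        // Detail goes to the server log; the admin sees a generic failure.
        error_log('product save failed: ' . $e->getMessage());
        return 'error: save failed, see server log';
    }
    return $missing
        ? 'redisplay form, missing: ' . implode(',', $missing)
        : 'redirect to /admin/product/list';
}

// --- constructed demo: in-memory SQLite, sample rows invented for the example ---
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, '
    . implode(' TEXT, ', PRODUCT_COLUMNS) . ' TEXT, UNIQUE (sku))');

$base = ['sku' => 'T-100', 'name' => 'Tarp', 'family' => 'tarps',
         'weight' => '4.5', 'public_price' => '19.99', 'capacity' => '50 gal'];

echo handleSave($pdo, $base), "\n";                               // first save inserts
echo handleSave($pdo, ['name' => "10' x 12' tarp"] + $base), "\n"; // same sku updates
echo $pdo->query("SELECT name || ' / ' || capacity FROM products WHERE sku = 'T-100'")
         ->fetchColumn(), "\n";                                   // stored values
echo handleSave($pdo, ['weight' => ''] + $base), "\n";            // required field empty
$pdo->exec('DROP TABLE products');                                // force a database error
echo handleSave($pdo, $base), "\n";                               // failure is reported
```

Building the column list, placeholders and update clause from one array also removes two defects visible in the posted code: the whitelist spells the key `capactiy` while the query reads `capacity`, and no comma separates the `list_weight` and `family` assignments in the `ON DUPLICATE KEY UPDATE` clause.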

Author

Commented:
Which part of the file should I check this in?

Author

Commented:
Ok, so I need to get this fixed, so I am re-pasting the actual admin php and the admin php functions. Maybe someone will be able to spot what is causing the information to not be updated.

The first is of the admin.php
<?php
$page_title="admin";
include_once('includes/global.php');
include_once('includes/adminFunctions.php');
include_once('includes/productFunctions.php');
include_once('includes/userFunctions.php');
if (!$_SESSION['admin']){
  header('Location: /login');
} else {
  if (!$args[0]){
    pageHeader('Admin');
    adminNav();
    pageFooter();
  } else if ($args[0] == "stats"){//{{{
    pageHeader('Admin');
    adminNav();
    siteStats();
    pageFooter();
  } else if ($args[0] == "coupon"){//{{{
    if ($args[1] == "list"){
      if ($_POST){
          couponInsert($_POST);
          header('Location: /admin/coupon/list');
      } else {  
        pageHeader();
        adminNav();
        couponAdminList();
        pageFooter();
      }
    } else if ($args[1] == "new" && !$_POST){
	  pageHeader();
      adminNav();
	  couponEdit();
      pageFooter();
    } else if ($args[1] == "edit" && !$args[2] && $_POST){
	  pageHeader();
      adminNav();
      couponEdit($_POST);
      pageFooter();
    } else if ($args[1] == "edit" && $args[2] && $args[2] != "fail"){
	  pageHeader();
      adminNav();
      couponEdit(couponFetch($args[2]));
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && !$args[3]){
      couponDelete($args[2]);
      header('Location: /admin/coupon/list');
    } else if ($args[1] == "insert" && $_POST){
      if(productValidate($_POST)){  
        productInsert($_POST);
        productInsertImages($_FILES);
        //header('Location: /admin/product/list');
      } else {
	    pageHeader('Edit Product','/admin');
        adminNav();
        productEdit($_POST,'fail');
        pageFooter();
      }
    }//}}} 
  } else if ($args[0] == "product"){//{{{
    if ($args[1] == "list"){
      if ($_POST){
          productFlag($_POST);
          header('Location: /admin/product/list');
      } else {  
        pageHeader('Add new Product','/admin');
        adminNav();
        productAdminList($args[2],$args[3]);
        pageFooter();
      }
    } else if ($args[1] == "family"){
      if ($_POST){
          productFlag($_POST);
          header('Location: /admin/product/list');
      } else {  
        pageHeader('Edit Product Family','/admin');
        adminNav();
        productAdminFamily($args[2]);
        pageFooter();
      }
    } else if ($args[1] == "new" && !$_POST){
	  pageHeader('Add new Product','/admin');
      adminNav();
	  productEdit();
      pageFooter();
    } else if ($args[1] == "edit" && !$args[2] && $_POST){
	  pageHeader('Edit Product','/admin');
      adminNav();
      productEdit($_POST);
      pageFooter();
    } else if ($args[1] == "edit" && $args[2] && $args[2] != "fail"){
	  pageHeader('Edit Product','/admin');
      adminNav();
      productEdit(productFetch($args[2]));
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && !$args[3]){
	  pageHeader('Delete Product','/admin');
      adminNav();
      productDelete($args[2],'no');
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && $args[3] == "confirm"){
      productDelete($args[2],'yes');
    } else if ($args[1] == "insert" && $_POST){
      if(productValidate($_POST)){  
        productInsert($_POST,$_FILES);
        header('Location: /admin/product/list');
      } else {
	    pageHeader('Edit Product','/admin');
        adminNav();
        productEdit($_POST,'fail');
        pageFooter();
      }
    }//}}} 
  } else if ($args[0] == "user"){ //{{{
    if ($args[1] == "list"){
      if ($_POST){
          userFlag($_POST);
          header('Location: /admin/user/list');
      } else {  
        pageHeader('Add new Product','/admin');
        adminNav();
        userAdminList();
        pageFooter();
      }
    } else if ($args[1] == "new" && !$_POST){
	  pageHeader('Add new Product','/admin');
      adminNav();
	  userCreateForm();
      pageFooter();
    } else if ($args[1] == "edit" && !$args[2] && $_POST){
	  pageHeader('Edit Product','/admin');
      adminNav();
      dealerEdit();
      pageFooter();
    } else if ($args[1] == "edit" && $args[2] && $args[2] != "fail"){
	  pageHeader('Edit Product','/admin');
      adminNav();
      dealerEdit(dealerInfo($args[2]), $args[2]);
      $userinfo=userInfo(array('login' => $args[2]));
      $userinfo[0]['edit'] = true;
      userCreateForm($userinfo[0]);
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && !$args[3]){
	  pageHeader('Delete Product','/admin');
      adminNav();
      userDelete($args[2],'no');
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && $args[3] == "confirm"){
      userDelete($args[2],'yes');
    } else if ($args[1] == "insert" && $_POST){
      if(productValidate($_POST)){  
        productInsert($_POST,$_FILES);
        header('Location: /admin/product/list');
      } else {
	pageHeader();
        adminNav();
        productEdit($_POST,'fail');
        pageFooter();
      }
    }//}}}
  } else if ($args[0] == "order"){ //{{{
    if ($args[1] == "list"){
      if ($_POST){
          orderFlag($_POST);
          header('Location: /admin/order/list');
      } else {  
        pageHeader();
        adminNav();
        orderAdminList();
        pageFooter();
      }
    } else if ($args[1] == "details" && $args[2]){
	  pageHeader('Add new Product','/admin');
      adminNav();
	  orderDetails($args[2]);
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && !$args[3]){
	  pageHeader('Delete Product','/admin');
      adminNav();
      productDelete($args[2],'no');
      pageFooter();
    } else if ($args[1] == "delete" && $args[2] && $args[3] == "confirm"){
      productDelete($args[2],'yes');
    } else if ($args[1] == "insert" && $_POST){
      if(productValidate($_POST)){  
        productInsert($_POST,$_FILES);
        header('Location: /admin/product/list');
      } else {
	    pageHeader();
        adminNav();
        productEdit($_POST,'fail');
        pageFooter();
      }
    }//}}}
  } else if ($args[0] == "dealer" && $args[1] == "update" && $_POST){
    dealerUpdate($_POST);
    header('Location: '.$_SERVER['HTTP_REFERER']);
  }
}  
?>


Author

Commented:
Ok, so I need to get this fixed, so I am re-pasting the actual admin php and the admin php functions. Maybe someone will be able to spot what is causing the information to not be updated.

The second is of the adminfunctions.php
<?php
function adminNav(){//{{{
    ?>
    <h2>Site Administration</h2>
    <ul class="admin_nav">
	  <li><a href="/admin/product/new">Add Product</a>
      <li><a href="/admin/product/list">Edit Products</a>
      <!-- <li><a href="/admin/user/new">Add User</a>-->
      <li><a href="/admin/user/list">Manage Users</a>
      <li><a href="/admin/order/list">Manage Orders</a>
      <li><a href="/admin/coupon/list">Coupons</a>
      <li><a href="/admin/stats">Stats</a>
    </ul>
    <?
}//}}}
function adminLogin(){//{{{
	echo "<form id=\"admin-form\" method=\"post\" action=\"/admin\">\n";
	echo "<p id=\"user\"><label>Username:</label><input type=\"text\" name=\"user\"></p>\n";
	echo "<p id=\"pass\"><label>Password:</label><input type=\"text\" name=\"pass\"></p>\n";
	echo "<input id=\"signmein\" type=\"submit\" value=\"Log-In\">\n";
    echo "</form>\n";
}//}}}
function orderFlag(){
foreach($_POST as $order_number => $flags){
  if ($flags[0] && $flags[1]){
    if ($query = mysql_query("SELECT email,first_name,last_name,status,tracking from orders LEFT JOIN users ON orders.username=users.username WHERE orders.order_number='$order_number'")){
      $current_row = mysql_fetch_array($query);
      if($current_row['status'] != $flags[1] || $current_row['tracking'] != $flags[0]){
        if ($flags[1] != $current_row['status']){
	  $message = "The status for the order numbered \"".$order_number."\" has been updated to: \n\n ".$flags[1]."";
	} else if ($flags[0] != $current_row['tracking']) {
	  $message = "The tracking number the order numbered \"".$order_number."\" has been updated to: \n\n ".$flags[0]."";
	}
	require_once('includes/class.phpmailer.php');
        include_once("includes/class.smtp.php");          // optional, gets called from within class.phpmailer.php if not already loaded
        $mail             = new PHPMailer();
        $mail->IsSMTP();                             // telling the class to use SMTP
        $mail->Host       = "mail.inlandtarp.com";   // SMTP server
        $mail->SMTPDebug  = 0;                       // enables SMTP debug information (for testing)
        $mail->SMTPAuth   = false;                   // enable SMTP authentication
        $mail->Host       = "mail.inlandtarp.com";   // sets the SMTP server
        $mail->Port       = 25;                      // set the SMTP port for the GMAIL server
        $mail->Username   = "support";               // SMTP account username
        $mail->Password   = "xy43PT7";               // SMTP account password
        $mail->SetFrom('support@inlandtarp.com', "InlandTarp & Liner Support");
        $mail->AddReplyTo('support@inlandtarp.com', "InlandTarp & Liner Support");
        $mail->Subject    = "Update for order # \"".$order_number."\" ";
        $mail->MsgHTML($message);
        $mail->AddAddress($current_row['email'],$current_row['first_name']." ".$current_row['last_name']);
        $mail->AddBCC('support@inlandtarp.com', 'Inland Tarp Support');
        $mail->AddBCC('laceyp@inlandtarp.com', "Lacey");
	$mail->AddBCC('joelm@inlandtarp.com', "Joel Martin");
	$mail->AddBCC('toddh@inlandtarp.com', "Todd Hoffer");
        $mail->SMTPDebug = 0;
        if(!@$mail->Send()) {
          //echo "Mailer Error: " . $mail->ErrorInfo;
        }
        if (!mysql_query("UPDATE orders SET status='$flags[1]',tracking='$flags[0]' WHERE order_number='$order_number'")){
          echo mysql_error();
        }
      }
    }
  }
}
}
function siteStats(){
    if ($query = mysql_query("SELECT total,order_date from orders LEFT JOIN users ON orders.username=users.username WHERE status != 'Canceled'")){
      while ($current_row = mysql_fetch_array($query)){
       $date = explode('-',$current_row['order_date']); 
       $year = $date[0];
       $month = $date[1];
       $orders[$year][$month][] = $current_row;
       $orders[$year][$month]['sale_total'] = ($orders[$year][$month]['sale_total'] + $current_row['total']);
       $orders[$year][$month]['order_total'] = $orders[$year][$month]['order_total'] + 1;
       $orders[$year]['order_total'] = $orders[$year]['order_total'] + 1;
       $orders[$year]['sale_total'] = ($orders[$year]['sale_total'] + $current_row['total']);
      }
      ?>
      <?
      foreach ($orders as $year => $order){ ?>
	<h3><? echo $year ?></h3>
	<table>
	<tr>
	<td>Month</td>
	<td># Orders</td>
	<td>Sales Total</td>
	</tr>
        <? 
	foreach ($order as $month => $order){ 
	  if ($month != 'sale_total' && $month != 'order_total'){
	  ?>
           <tr><td><? echo $month ?></td><td><? echo $orders[$year][$month]['order_total'] ?></td><td>$<? echo number_format($orders[$year][$month]['sale_total'],2) ?></td></tr>
	  <?
	  }
	} 
	?>
	</table>
         <p>Year Order Total = <? echo $orders[$year]['order_total'] ?></p>
         <p>Year Sales Total = $<? echo number_format($orders[$year]['sale_total'],2) ?></p>
      <?
      }
    }
}
function orderAdminList(){ //{{{
  if ($query=mysql_query("SELECT * FROM orders LEFT JOIN users ON users.username = orders.username")){
  ?>
    <h3>Manage Orders</h3>
    <form method="post" action="/admin/order/list">
    <table class="edit-products_off">
      <tr>
        <td>Order Number #</td>
        <td>Timestamp</td>
        <td>Customer Name</td>
        <td>Total</td>
        <td>Details</td>
        <td>Tracking #</td>
        <td>Status</td>
      </tr>
    <?
    while ($current_row = mysql_fetch_array($query)) {
	?>
     <tr>
        <td><? echo $current_row['order_number'] ?></td> 
        <td><? echo $current_row['order_date'] ?></td> 
        <td><? echo $current_row['first_name']." ".$current_row['last_name'] ?></td> 
        <td>$<? echo number_format($current_row['total'],2) ?></td> 
        <td><a href="/admin/order/details/<? echo $current_row['order_number'] ?>">Details</a></td>
        <td><input class="textbox" type="text" value="<? echo $current_row['tracking'] ?>" name="<? echo $current_row['order_number'] ?>[]">
        <td><select style="width:120px;" name="<? echo $current_row['order_number'] ?>[]"><? echo $current_row['status'] ?>
	<option <? if($current_row['status'] == "Processing"){?>selected<? } ?>>Processing</option>
	<option <? if($current_row['status'] == "Backorderd"){?>selected<? } ?>>Backorderd</option>
        <option <? if($current_row['status'] == "Packing"){?>selected<? } ?>>Packing</option>
	<option <? if($current_row['status'] == "Shipped"){?>selected<? } ?>>Shipped</option>
	<option <? if($current_row['status'] == "Canceled"){?>selected<? } ?>>Canceled</option>
	</select>
     </tr>
   <?
	}
    ?>
        </table>
        <input type="submit" value="Save Changes">
        </form><?
  } else {
    echo mysql_error();
  }
}//}}}
function orderDetails($order_number){ //{{{
if ($query = mysql_query("SELECT * FROM orders LEFT JOIN users ON users.username=orders.username WHERE order_number='$order_number' ORDER BY id DESC")){
    while ($current_row= mysql_fetch_array($query)){
      ?>
            <h4> Order # <? echo $current_row['order_number'] ?> </h4>
            <div class="order-info"> 
                 <p>Placed at: <? echo $current_row['order_date'] ?></p>
                 <p>Recipient: <? echo $current_row['first_name']." ".$current_row['last_name'] ?></p>
                 <p>Destination: <? echo $current_row['ship_address'].", ".$current_row['ship_city'].", ".$current_row['ship_state'].", ".$current_row['ship_zip'] ?></p>
                <p> Shipping Method: <span> <? echo $current_row['shipping_method'] ?> </span></p>
                 <p>Subtotal: $<? echo number_format($current_row['subtotal'],2) ?></p>
                 <p>Shipping Cost: $<? echo number_format($current_row['shipping_total'],2) ?></p>
                 <p>Taxes: $<? echo number_format($current_row['tax_total'],2) ?></p>
                 <p>Total: $<? echo number_format($current_row['total'],2) ?></p>
                 <p>Weight: <? echo number_format($current_row['weight'],2) ?>lb</p>
                 <p>Status: <span> <? echo $current_row['status'] ?> </span></p>
            </div> <!-- end order-info -->
            <table>
            <tr>
             <td>Sku#</td>
             <td>Name</td>
             <td>Qty</td>
            </tr>
            <tr>
<?  $skus = explode("|", $current_row['skus_ordered']);
    foreach ($skus as $sku){
        $list= explode(",",$sku);
        if ($query=mysql_query("SELECT name FROM products WHERE sku='$list[0]'")){
          $current_row=mysql_fetch_array($query);
            ?><tr><td><? echo $list[0]?></td><td><? echo $current_row['name']?></td><td><? echo $list[1]?></td></tr><?
        }    
    } ?> 
      </table> <!-- end order itme -->
    <?
    }    
  }
echo mysql_error();
}//}}}
function dealerEdit($dealer_values,$username) {/*{{{*/
//var_dump($dealer_values);
?>
    <div id="dealer" class="clear">
      <h3><?php echo $username ?></h3>
        <ul>
            <li>Level 1 -<span> 10% for previous annual sales $0 - $10k</span></li>
            <li>Level 2 -<span> 15% for previous annual sales $10,001 - $50k</span></li>
            <li>Level 3 -<span> 20% for previous annual sales $50,001 - $100k</span></li>
            <li>Level 4 -<span> 25% for previous annual sales $100,001k+</span></li>
        </ul>
        <?php if ($dealer_values['error']) { ?>
        <span class="error">Please enter numeric values less than 100 for all fields.</span>
        <?php } ?>
        <span> Level Key </span>
    </div> <!-- end abc dealer -->
    <div id="gdiscount" class="clear">
        <h3> Global Discount </h3>
        <form method="POST" action="/admin/dealer/update">
           <input type="hidden" name="username" value="<? echo $dealer_values['username'] ?>">
           <input type="text" name="global" value="<? echo $dealer_values['global'] ?>">
           <input class="apply" type="submit" value="Apply">
    </div> <!-- end global discount -->
    <table>
        <tr class="header">
            <td>Product</td>
            <td>Dealer Discount Level</td>
            <td>Inventory % Off</td>
            <td>% Off Specials</td>
        </tr>
	<? 
	   $query = mysql_query('SELECT * FROM categories');
	   while ($current_row = mysql_fetch_array($query)){
	     $inv_perk="inv_perk".$current_row['category'];
	     $special="special".$current_row['category'];
	     $dealer_class="dealer_class".$current_row['category'];
	?>
        <tr>
            <td><? echo $current_row['category_name'] ?></td>
            <td>
                <select name="<? echo $dealer_class ?>">
                    <option value="10"<?php if ($dealer_values[$dealer_class] == 10) { ?> selected="selected"<?php } ?>>1</option>
                    <option value="15"<?php if ($dealer_values[$dealer_class] == 15) { ?> selected="selected"<?php } ?>>2</option>
                    <option value="20"<?php if ($dealer_values[$dealer_class] == 20) { ?> selected="selected"<?php } ?>>3</option>
                    <option value="25"<?php if ($dealer_values[$dealer_class] == 25) { ?> selected="selected"<?php } ?>>4</option>
                </select>
            </td>
            <td><input type="text" name="<? echo $inv_perk ?>" value=<?php echo $dealer_values[$inv_perk] ?>></td>
            <td><input type="text" name="<? echo $special ?>" value=<?php echo $dealer_values[$special] ?>></td>
        </tr> <!-- end table item-->
       <? } ?> 
	
    </table> <!-- end discount table -->
    <span class="bottom"></span>
    <input class="apply" type="submit" value="Apply">
    </form> <!-- end discount form -->
<?php
}/*}}}*/
function dealerUpdate($dealer_values){ // {{{
    //var_dump($dealer_values);
  global $db_server, $db_username, $db_password, $db_name; 
  mysql_query("UPDATE dealers SET
            special1='$dealer_values[special1]',
            special2='$dealer_values[special2]',
            special3='$dealer_values[special3]',
            special4='$dealer_values[special4]',
            special5='$dealer_values[special5]',
            special6='$dealer_values[special6]',
            special7='$dealer_values[special7]',
            special8='$dealer_values[special8]',
            special9='$dealer_values[special9]',
            inv_perk1='$dealer_values[inv_perk1]',
            inv_perk2='$dealer_values[inv_perk2]',
            inv_perk3='$dealer_values[inv_perk3]',
            inv_perk4='$dealer_values[inv_perk4]',
            inv_perk5='$dealer_values[inv_perk5]',
            inv_perk6='$dealer_values[inv_perk6]',
            inv_perk7='$dealer_values[inv_perk7]',
            inv_perk8='$dealer_values[inv_perk8]',
            inv_perk9='$dealer_values[inv_perk9]',
            dealer_class1='$dealer_values[dealer_class1]',
            dealer_class2='$dealer_values[dealer_class2]',
            dealer_class3='$dealer_values[dealer_class3]',
            dealer_class4='$dealer_values[dealer_class4]',
            dealer_class5='$dealer_values[dealer_class5]',
            dealer_class6='$dealer_values[dealer_class6]',
            dealer_class7='$dealer_values[dealer_class7]',
            dealer_class8='$dealer_values[dealer_class8]',
            dealer_class9='$dealer_values[dealer_class9]',
            global='$dealer_values[global]'
            WHERE username='$dealer_values[username]'");
  //var_dump($dealer_values); 
  //$connect = new mysqli($db_server, $db_username, $db_password, $db_name);
  //$dealer_insert_query = $connect->prepare('UPDATE dealers SET global=? WHERE username=?');
  //$dealer_insert_query->bind_param('ss', $dealer_values['global'], $dealer_values['username']);
  //$dealer_insert_query->execute();
  //echo mysqli_error($dealer_insert_query);
}//}}}
function dealerInfo($dealer_username) {/*{{{*/
    global $db_server, $db_username, $db_password, $db_name;
/*** Obsoleted by svanhorn's mysql functions
    $connect = new mysqli($db_server, $db_username, $db_password, $db_name);
    $dealer_exists_query = $connect->prepare(
        'SELECT
            special1,
            special2,
            special3,
            special4,
            special5,
            special6,
            special7,
            special8,
            special9,
            inv_perk1,
            inv_perk2,
            inv_perk3,
            inv_perk4,
            inv_perk5,
            inv_perk6,
            inv_perk7,
            inv_perk8,
            inv_perk9,
            dealer_class1,
            dealer_class2,
            dealer_class3,
            dealer_class4,
            dealer_class5,
            dealer_class6,
            dealer_class7,
            dealer_class8,
            dealer_class9,
            global
        FROM
            dealers
        WHERE
            username = ?'
        );
    $dealer_exists_query->bind_param('s', $dealer_username);
    $dealer_exists_query->execute();
    $dealer_exists_query->bind_result(
            $dealer_info['special1'],
            $dealer_info['special2'],
            $dealer_info['special3'],
            $dealer_info['special4'],
            $dealer_info['special5'],
            $dealer_info['special6'],
            $dealer_info['special7'],
            $dealer_info['special8'],
            $dealer_info['special9'],
            $dealer_info['inv_perk1'],
            $dealer_info['inv_perk2'],
            $dealer_info['inv_perk3'],
            $dealer_info['inv_perk4'],
            $dealer_info['inv_perk5'],
            $dealer_info['inv_perk6'],
            $dealer_info['inv_perk7'],
            $dealer_info['inv_perk8'],
            $dealer_info['inv_perk9'],
            $dealer_info['dealer_class1'],
            $dealer_info['dealer_class2'],
            $dealer_info['dealer_class3'],
            $dealer_info['dealer_class4'],
            $dealer_info['dealer_class5'],
            $dealer_info['dealer_class6'],
            $dealer_info['dealer_class7'],
            $dealer_info['dealer_class8'],
            $dealer_info['dealer_class9'],
            $dealer_info['global']
        );
*/
    $dealer_exists_query = connect();
    $q_result = select($dealer_exists_query, "special1,special2,special3,special4,special5,special6,special7,special8,special9,inv_perk1,inv_perk2,inv_perk3,inv_perk4,inv_perk5,inv_perk6,inv_perk7,inv_perk8,inv_perk9,dealer_class1,dealer_class2,dealer_class3,dealer_class4,dealer_class5,dealer_class6,dealer_class7,dealer_class8,dealer_class9,global", "dealers", "username", $dealer_username);
    $dealer_info = $q_result[0];
    unset($q_result);
    $dealer_exists_query->close();
    $dealer_info['username'] = $dealer_username;
    return($dealer_info);
}/*}}}*/
function dealerValidate($dealer_values) {/*{{{*/
    foreach ($dealer_values as $indx=>$valu) {
        if ($valu == NULL) {
            $dealer_values[$indx] = 0;
        }
        if (!is_numeric($valu) || $valu > 100) {
            $dealer_values['fail'] = true;
        }
    }
    return $dealer_values;
}/*}}}*/
function userAdminList(){ //{{{
  if ($query=mysql_query("SELECT username,first_name,last_name,admin,dealer FROM users")){
  ?>
    <h3>Edit Users</h3>
    <form method="post" action="<? $_SERVER['PHP_SELF'] ?>">
    <table class="edit-products_off">
      <tr>
        <td>Username</td>
        <td>First</td>
        <td>Last</td>
        <td>Edit</td>
        <td>Delete</td>
        <td>Admin</td>
        <td>Dealer</td>
      </tr>
    <?
    while ($current_row = mysql_fetch_array($query)) {
	?>
     <tr>
        <td><? echo $current_row['username'] ?></td> 
        <td><? echo $current_row['first_name'] ?></td> 
        <td><? echo $current_row['last_name'] ?></td> 
        <td><a href="/admin/user/edit/<? echo $current_row['username'] ?>"> edit</a></td>
        <td><a href="/admin/user/delete/<? echo $current_row['username'] ?>"> delete</a></td>
        <td><input type="checkbox" value="admin" name="admin|<? echo $current_row['username'] ?>"
        <? if ($current_row['admin']){ ?>checked<? } ?> /></td>
        <td><input type="checkbox" value="dealer" name="dealer|<? echo $current_row['username'] ?>"
        <? if ($current_row['dealer']){ ?>checked<? } ?> /></td>
     </tr>
   <?
	}
    ?>
        </table>
        <input type="hidden" name="dummy_name" value="dummy_value"/>
        <input type="submit" value="Save Changes">
        </form><?
  }
}//}}}
function userFlag($users){ // {{{
  global $db_server, $db_username, $db_password, $db_name;
  $current_admins_query = mysql_query('SELECT username FROM users WHERE admin IS NOT NULL');
  $current_dealers_query  = mysql_query('SELECT username FROM users WHERE dealer IS NOT NULL');
  while ($current_row = mysql_fetch_array($current_admins_query)){
    $current_admins[] .= $current_row[username];
  }
  while ($current_row = mysql_fetch_array($current_dealers_query)){
    $current_dealers[] .= $current_row[username];
  }
  foreach($users as $post_name => $flag){
    if ($post_name != 'dummy_value'){  
      $post_name_array=explode('|',$post_name);
      $flagged_user=$post_name_array[1];
      $flag=$post_name_array[0];
      if (is_array($current_admins) && $flag == 'admin' && !in_array(array($flagged_user),$current_admins)){
          mysql_query("UPDATE users SET admin=true WHERE username='$flagged_user'");
          //echo $flagged_user." is now an admin<br>";
      }
      if (is_array($current_dealers) && $flag == 'dealer' && !in_array(array($flagged_user),$current_dealers)){ 
          mysql_query("UPDATE users SET dealer=true WHERE username='$flagged_user'");
          $connect = new mysqli($db_server, $db_username, $db_password, $db_name);
          $dealer_insert_query = $connect->prepare('INSERT INTO dealers (username) VALUES(?)');
          $dealer_insert_query->bind_param('s', $flagged_user);
          $dealer_insert_query->execute();
          //echo $flagged_user." is now a dealer<br>";
      }  
    }
  }
  if (is_array($current_admins)){
    foreach($current_admins as $array => $admin_user){
      if (!array_key_exists("admin|".$admin_user, $users)){
        mysql_query("UPDATE users SET admin=NULL WHERE username='$admin_user'");
        //echo $admin_user." is no longer an admin<br>";
      }
    }
  }  
  if (is_array($current_dealers)){
    foreach($current_dealers as $array => $dealer_user){
      if (!array_key_exists("dealer|".$dealer_user, $users)){
        mysql_query("UPDATE users SET dealer=NULL WHERE username='$dealer_user'");
        $connect = new mysqli($db_server, $db_username, $db_password, $db_name);
        $dealer_insert_query = $connect->prepare('DELETE FROM dealers WHERE username=?');
        $dealer_insert_query->bind_param('s', $dealer_user);
        $dealer_insert_query->execute();
        //echo $dealer_user." is no longer a dealer<br>";
      }
    }
  }  
}//}}}
function productFetch($sku){ //{{{
  if ($query=mysql_query("SELECT * FROM products WHERE sku='".$sku."'")){
    return mysql_fetch_array($query);
  }
}//}}}
function userDelete($username,$confirm){ // {{{
	if($confirm == 'yes'){
          $query=mysql_query("DELETE FROM users WHERE username='".$username."'");
          header('Location: /admin/user/list'); 
          exit;
	} else {
	  $query=mysql_query("SELECT * FROM users WHERE username='".$username."'");
          $current_row = mysql_fetch_array($query);
    ?>  
    <h3>User to be removed:</h3>
    <p><? echo $current_row['username'] ?></p>
    <h3>Name:</h3>
    <p><? echo $current_row['first_name']." ".$current_row['last_name'] ?></p>
    <?
    echo "<p>Are you sure you want to delete this user? : <a id=\"deleteyes\" href=\"/admin/user/delete/".$username."/confirm\">yes</a> / <a id=\"deleteno\" href=\"/admin/user/list\">no</a>";
	}
}
function productDelete($sku,$confirm){ // {{{
	if($confirm == 'yes'){
      $query=mysql_query("DELETE FROM products WHERE sku='".$sku."'");
      header('Location: /admin/product/list'); 
      exit;
	} else {
	  $query=mysql_query("SELECT * FROM products WHERE sku='".$sku."'");
    $current_row = mysql_fetch_array($query);
    ?>  
    <h3>SKU to be removed:</h3>
    <p><? echo $current_row['sku'] ?></p>
    <h3>Name:</h3>
    <p><? echo $current_row['name'] ?></p>
    <h3>Image:</h3>
    <img src="/images/products/category-name-or-keywords-here/1/full/<?echo $current_row['sku']?>.jpg"/>
    <?
    echo "<p>Are you sure you want to delete this item? : <a id=\"deleteyes\" href=\"/admin/product/delete/".$sku."/confirm\">yes</a> / <a id=\"deleteno\" href=\"/admin/product/edit\">no</a>";
	}
} //}}}
function productNew() { //{{{
  echo "<form method=\"post\" action=\"/admin/product/edit\">";
  echo "  <p id=\"addsku\"><label>SKU:</label> <input name=\"sku\" value=\"\"></p>";
	if ($error){
	  echo "<p class=\"error\">".$error."</p>";
	}
  echo "  <input id=\"submitnew\" type=\"submit\" value=\"Add New SKU\">";
  echo "</form>";
} //}}}
function productAdminList($sortby=NULL,$page=NULL){ //{{{
    if (!$sortby){ 
      $sortby="sku";
    } else {
      $sortby = str_replace('sortby-','',$sortby);
    }
    if (!$page){ 
      $page="1";
    } else {
      $page = str_replace('page-','',$page);
    }
    $per_page="50";
    if ($page == 1) {
      $offset=0;
    } else {
      $offset=$per_page * $page;
    }
    $total_rows = mysql_num_rows(mysql_query("SELECT id FROM products WHERE parent=TRUE"));
    $total_pages = ceil($total_rows / $per_page) - 1 ;
    #$querystring = "SELECT id,sku,public_price,family,name,featured,parent FROM products ORDER BY ".$sortby." LIMIT ".$offset.",".$per_page."";
    $querystring = "SELECT id,sku,public_price,family,name,featured,parent,category FROM products WHERE parent=TRUE ORDER BY ".$sortby." LIMIT ".$offset.",".$per_page."";
    if ($query=mysql_query($querystring)){
      if(!$page) $page= "1";
      $prev_page = $page - 1;
      $next_page = $page + 1;
      $pagination ="<p class=\"pagination\"><a href=\"/admin/product/list/sortby-".$sortby."/page-1\"><<</a> ";
      $pagination .="<a href=\"/admin/product/list/sortby-".$sortby."/page-".$prev_page."\"><</a> ";
      for ($n=1;$n<=$total_pages;$n++){
        if ($n == $page) $pagination.="<b style=\"font-weight:700;\">";
        $pagination .=" <a href=\"/admin/product/list/sortby-".$sortby."/page-".$n."\">".$n."</a> ";
        if ($n == $page) $pagination.="</b>";
      }
      $pagination .="<a href=\"/admin/product/list/sortby-".$sortby."/page-".$next_page."\">></a> ";
      $pagination .="<a href=\"/admin/product/list/sortby-".$sortby."/page-".$total_pages."\">>></a></p>";
  ?>
    <h3>Edit Product Parents</h3>
    <form method="post" action="<? $_SERVER['PHP_SELF'] ?>">
    <? //echo $pagination ?>
    <table class="edit-products_off">
      <tr>
        <td>Image</td>
        <td><a href="/admin/product/list/sortby-family/page-1">Family</a></td>
        <td><a href="/admin/product/list/sortby-name/page-1">Parent Product</a></td>
        <td><a href="/admin/product/list/sortby-category/page-1">Category</a></td>
      </tr>
    <?
    while ($current_row = mysql_fetch_array($query)) {
	?>
     <tr>
     <td><img src="/images/products/category-name-or-keywords-here/1/thumb1/<? echo $current_row['sku']?>.jpg"></td> 
        <td><a href="/admin/product/family/<? echo $current_row['sku'] ?>"><? echo $current_row['family'] ?></a></td> 
        <td><a href="/admin/product/edit/<? echo $current_row['sku'] ?>"><? echo $current_row['name'] ?></a></td>
        <td><? echo $current_row['category'] ?></td>
     </tr>
   <?
	}
    ?>
        </table>
    <? //echo $pagination ?>
        <input type="hidden" name="dummy_name" value="dummy_value"/>
        <input type="submit" value="Save Changes">
        </form><?
  }
}//}}}
function productAdminFamily($sku){ //{{{
    //$querystring = "SELECT id,sku,public_price,family,name,featured,parent FROM products ORDER BY ".$sortby." LIMIT ".$offset.",".$per_page."";
    $family_query = mysql_query("SELECT family FROM products WHERE sku='".$sku."'");
    $family_array = mysql_fetch_array($family_query);
    $family = $family_array['family'];
    $querystring= "SELECT id,sku,public_price,family,name,featured,parent,enabled FROM products WHERE family='".$family."'";
    if ($query=mysql_query($querystring)){
  ?>
    <h3>Edit Products in family: <? echo $family ?></h3> 
    <form method="post" action="<? $_SERVER['PHP_SELF'] ?>">
    <? echo $pagination ?>
    <table class="edit-products_off">
      <tr>
        <td>Image</td>
        <td>Name</td>
        <td>SKU</td>
        <td>Price</td>
        <td>Edit</td>
        <td>Delete</td>
        <td>Featured</td>
        <td>Parent</td>
        <td>Enabled</td>
      </tr>
    <?
    while ($current_row = mysql_fetch_array($query)) {
	?>
     <tr>
     <td><img src="/images/products/category-name-or-keywords-here/1/thumb1/<? echo $current_row['sku']?>.jpg"></td> 
        <td><? echo $current_row['name'] ?></td> 
        <td><? echo $current_row['sku'] ?></td> 
        <td><? echo '$'.number_format($current_row['public_price'],2,'.',',') ?></td> 
        <td><a href="/admin/product/edit/<? echo $current_row['sku'] ?>"> edit</a></td>
        <td><a href="/admin/product/delete/<? echo $current_row['sku'] ?>"> delete</a></td>
        <td><input type="checkbox" value="featured" name="featured|<? echo $current_row['sku'] ?>"
        <? if ($current_row['featured']){ ?>checked<? } ?> /></td>
        <td><input type="checkbox" value="parent" name="parent|<? echo $current_row['sku'] ?>"
        <? if ($current_row['parent']){ ?>checked<? } ?> /></td>
        <td><input type="checkbox" value="enabled" name="enabled|<? echo $current_row['sku'] ?>"
        <? if ($current_row['enabled'] != '0'){ ?>checked<? } ?> /></td>
     </tr>
   <?
        $list .= $current_row['sku'].",";
	}
    ?>
        </table>
        <input type="hidden" name="sku_list" value="<? echo $list ?>"/>
        <input type="submit" value="Save Changes">
        </form><?
  }
}//}}}

function productInsert($product,$photo){ // {{{
  global $db_username,$db_password,$db_server,$db_name;	
  $valid_keys = array(
    'sku',
    'pentad_sku',
    'newsku',
    'name', 
    'overview', 
    'experience', 
    'specifications', 
    'assembly',
    'capactiy',  
    'application',  
    'additional',  
    'weight', 
    'true_cost', 
    'public_price', 
    'sale_price', 
    'keywords', 
    'category', 
    'list_weight',
    'family'
  );
  $valid_empty = array_fill_keys($valid_keys, NULL);
  $product = array_intersect_key(($product + $valid_empty),$valid_empty);
  $required_keys = array(
      'sku',
      'name',
      'family',
      'weight',
      'public_price'
  );
  foreach ($required_keys as $key) {
      if ($product[$key] == NULL) {
          $product['fail'][] = $key;
      }
  }
  if ($product['fail']) {
      return $product;
  }
  if ($query=mysql_query("SELECT id FROM products WHERE sku='$product[sku]'")){
    $id_array=mysql_fetch_array($query);
	$id=$id_array['id'];
  }
  #fix for preventing orphan products by checking if a requested family already has a parent
  if ($query=mysql_query("SELECT parent FROM products WHERE family='$product[family]'")){
    if(mysql_num_rows($query) == 0){
	$parent="1";
    }
  }
  #also added '$parent' at the end of VALUES block below, so the value gets passed into the db if it is set
  #endfix
  mysql_query("
    INSERT 
	products (
	  id,	
	  sku,
	  pentad_sku,
	  name,
	  overview,
	  experience,
	  specifications,
          assembly,
          capacity,
          application,
          additional,
	  weight,
	  true_cost,
	  public_price,
	  sale_price,
	  keywords,
	  category,
          list_weight,
	  family,
	  parent
    ) 
	VALUES (
	  '$id',
	  '$product[sku]',
	  '$product[pentad_sku]',
	  '$product[name]',
	  '$product[overview]',
	  '$product[experience]',
	  '$product[specifications]',
	  '$product[assembly]',
	  '$product[capacity]',
	  '$product[application]',
	  '$product[additional]',
	  '$product[weight]',
	  '$product[true_cost]',
	  '$product[public_price]',
	  '$product[sale_price]',
	  '$product[keywords]',
	  '$product[category]',
	  '$product[list_weight]',
	  '$product[family]',
	  '$parent'
    ) 
	ON DUPLICATE KEY UPDATE 
	  sku='$product[sku]',
	  pentad_sku='$product[pentad_sku]',
	  name='$product[name]',
	  overview='$product[overview]',
	  experience='$product[experience]',
	  specifications='$product[specifications]',
	  assembly='$product[assembly]',
	  capacity='$product[capacity]',
	  application='$product[application]',
	  additional='$product[additional]',
	  weight='$product[weight]',
	  true_cost='$product[true_cost]',
	  public_price='$product[public_price]',
	  sale_price='$product[sale_price]',
	  keywords='$product[keywords]',
	  category='$product[category]',
	  list_weight='$product[list_weight]'
	  family='$product[family]'
	  ");
  // echo mysql_error();
  $num=1;  
  foreach($photo as $each => $values){
  //echo "each=".$photo[$each]['tmp_name'];    
  if ($photo[$each]['tmp_name']){ 
      $image_full = new Imagick($photo[$each]['tmp_name']);
      if ($image_full->getImageWidth() >= "1000"){
        $image_full->adaptiveResizeImage(1000,1000,true);
      }
	  $im_thumb1 = new Imagick($photo[$each]['tmp_name']);
	  $im_thumb1->adaptiveResizeImage(64,39);
	  $im_thumb1->roundCorners(3,3);
	  $im_thumb1_sh = $im_thumb1->clone();
	  $im_thumb1_sh->setImageBackgroundColor( new ImagickPixel( 'black' ) );
	  $im_thumb1_sh->shadowImage( 80, 1, 1, 2 );
	  $im_thumb1_sh->compositeImage( $im_thumb1, Imagick::COMPOSITE_OVER, 0, 0 );
	  $image_thumb1 = $im_thumb1_sh->clone();
	  $image_thumb1->colorFloodFillImage('#FFFFFF', 100, '#777777', 0, 0);
	  $image_thumb1->compositeImage($im_thumb1_sh, Imagick::COMPOSITE_OVER, 0, 0);
	  $image_thumb1->setImageFormat('jpeg');
	  $image_thumb1->flattenImages();
	  $im_thumb2 = new Imagick($photo[$each]['tmp_name']);
	  $im_thumb2->adaptiveResizeImage(134,88);
	  $im_thumb2->roundCorners(5,5);
	  $im_thumb2_sh = $im_thumb2->clone();
	  $im_thumb2_sh->setImageBackgroundColor( new ImagickPixel( 'black' ) );
	  $im_thumb2_sh->shadowImage( 80, 1, 1, 5 );
	  $im_thumb2_sh->compositeImage( $im_thumb2, Imagick::COMPOSITE_OVER, 0, 0 );
	  $image_thumb2 = $im_thumb2_sh->clone();
	  $image_thumb2->colorFloodFillImage('#FFFFFF', 100, '#777777', 0, 0);
	  $image_thumb2->compositeImage($im_thumb2_sh, Imagick::COMPOSITE_OVER, 0, 0);
	  $image_thumb2->setImageFormat('jpeg');
	  $image_thumb2->flattenImages();
	  $im_thumb3 = new Imagick($photo[$each]['tmp_name']);
	  $im_thumb3->setImageBackgroundColor( new ImagickPixel( 'white' ) );
	  $im_thumb3->adaptiveResizeImage(199,136);
	  $im_thumb3->roundCorners(5,5);
	  $im_thumb3_sh = $im_thumb3->clone();
	  $im_thumb3_sh->setImageBackgroundColor( new ImagickPixel( 'black' ) );
	  $im_thumb3_sh->shadowImage( 80, 1, 1, 5 );
	  $im_thumb3_sh->compositeImage( $im_thumb3, Imagick::COMPOSITE_OVER, 0, 0 );
	  $image_thumb3 = $im_thumb3_sh->clone();
	  $image_thumb3->colorFloodFillImage('#FFFFFF', 100, '#777777', 0, 0);
	  $image_thumb3->compositeImage($im_thumb3_sh, Imagick::COMPOSITE_OVER, 0, 0);
	  $image_thumb3->setImageFormat('jpeg');
	  $image_thumb3->flattenImages();

	  $connect = new mysqli($db_server, $db_username, $db_password, $db_name);
      $queryline = "UPDATE products SET
		  image".$num."_full = ?,
		  image".$num."_thumb1 = ?,
		  image".$num."_thumb2 = ?,
		  image".$num."_thumb3 = ?
          WHERE id = ?";
          //echo $queryline;
      if ($query = $connect->prepare($queryline)) {
		  $null = NULL;
		  $query->bind_param('bbbbi',$null,$null,$null,$null,$id);
          //echo $id;
          $query->send_long_data(0, $image_full);
          //var_dump($image_full);
		  unset($image_full);
		  $query->send_long_data(1, $image_thumb1);
		  unset($image_thumb1);
		  $query->send_long_data(2, $image_thumb2);
		  unset($image_thumb2);
		  $query->send_long_data(3, $image_thumb3);
		  unset($image_thumb3);
          $query->execute();
      } else {
          printf("Errormessage: %s\n", $connect->error);
          printf("Errormessage: %s\n", $connect->sqlstate);
          printf("Errormessage: %s\n", $connect->dump_debug_info);
	  }
    }
          $num++;
  }
} //}}}
function productEdit($product = NULL, $fail=NULL){ //{{{
  //var_dump($fail);
?>
      <form method="post" enctype="multipart/form-data" action="/admin/product/insert">
        <input type="hidden" name="sku" value="<? echo $product['sku'] ?>">
        <label>SKU:</label><input type="text" name="sku" value="<? echo $product['sku'] ?>">
        <label>Pentad SKU:</label><input type="text" name="pentad_sku" value="<? echo $product['pentad_sku'] ?>">
        <p class="name">
          <label>Name:</label>
          <input type="text" name="name" value="<? echo $product['name'] ?>">
        </p>
      <? if ($fail && !$product['name']) { ?>
        <p class="error">* Please enter a name before submitting.</p>
      <? } ?>
        <p class="overview">
          <label>Overview:</label>
          <textarea name="overview"><? echo $product['overview'] ?></textarea>
        </p>
      <? //if ($fail && !$product['overview']) { ?>
        <!-- <p class="error">* Please enter a descriptive product overview before submitting.</p> -->
      <? //} ?>
        <p class="experience">
          <label>Experience:</label>
          <textarea name="experience"><? echo $product['experience'] ?></textarea>
        </p>
        <p class="specifications">
          <label>Specifications:</label>
          <textarea name="specifications"><? echo $product['specifications'] ?></textarea>
        </p>
        <p class="assembly">
          <label>Assembly:</label>
          <textarea name="assembly"><? echo $product['assembly'] ?></textarea>
        </p>
        <p class="capacity">
          <label>Capacity:</label>
          <textarea name="capacity"><? echo $product['capacity'] ?></textarea>
        </p>
        <p class="application">
          <label>Application:</label>
          <textarea name="application"><? echo $product['application'] ?></textarea>
        </p>
        <p class="additional">
          <label>Additional:</label>
          <textarea name="additional"><? echo $product['additional'] ?></textarea>
        </p>
        <p class="weight">
          <label>Weight:</label>
          <input type="text" name="weight" value="<? echo $product['weight'] ?>">
        </p>
      <? if ($fail && !$product['weight']) { ?>
        <p class="error">* Please enter a weight before submitting.</p>
      <? } ?>
        <p class="true_cost">
          <label>True Cost:</label>
          <input type="text" name="true_cost" value="<? echo $product['true_cost'] ?>">
        </p>
      <? if ($fail && !$product['true_cost']) { ?>
        <p class="error">* Please enter a true cost before submitting.</p>
      <? } ?>
        <p class="public_price">
          <label>Public Price:</label>
          <input type="text" name="public_price" value="<? echo $product['public_price'] ?>">
        </p>
      <? if ($fail && !$product['public_price']) { ?>
        <p class="error">* Please enter a public price before submitting.</p>
      <? } ?>
        <p class="sale_price">
          <label>Sale Price:</label>
          <input type="text" name="sale_price" value="<? echo $product['sale_price'] ?>">
        </p>
        <p class="keywords">
          <label>Keywords:</label>
          <input type="text" name="keywords" value="<? echo $product['keywords'] ?>">
        </p>
      <? if ($fail && !$product['keywords']) { ?>
        <p class="error">* Please enter at least one keyword before submitting.</p>
      <? } ?>
        <p class="category">
          <label>Category:</label>
          <select name="category" value="<? echo $product['category'] ?>">
          <?
	   $query = mysql_query('SELECT * FROM categories');
	   while ($current_row = mysql_fetch_array($query)){
           ?>
	    <option <? if ($product['category'] == $current_row['category']){ ?>selected="selected"<? } ?> value="<? echo $current_row['category']?>"><? echo $current_row['category_name'] ?></option>
            <? } ?>
	  </select>
        </p>
      <? if ($fail && !$product['category']) { ?>
        <p class="error">* Please choose a category before submitting.</p>
      <? } ?>
      	<p id="list_weight">
          <label>List Weight:</label>
      	  <input type="text" name="list_weight" value="<? echo $product['list_weight'] ?>">
        </p>
      	<p id="family">
          <label>Product Family:</label>
      	  <input type="text" name="family" value="<? echo $product['family'] ?>">
        </p>
        <label>Primary Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/1/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo1">
        </p>
        <label>Second Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/2/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo2">
        </p>
        <label>Third Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/3/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo3">
        </p>
        <label>Fourth Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/4/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo4">
        </p>
        <label>Fifth Product Photo:</label>
		<div><img src="/images/products/category-name-or-keywords-here/5/full/<? echo $product['sku'] ?>.jpg"></div>
      	<p class="photo">
          <label>Upload: Photo:</label>
          <input type="file" name="photo5">
        </p>
        <input class="submit" type="submit" value="Submit to Database">
      </form>
      <?
} // }}}
function productValidate($product){ // {{{
  $valid_keys = array(
    'sku',
    'pentad_sku',
    'newsku',
	'name', 
	'overview', 
	'experience', 
	'specifications', 
	'assembly', 
	'weight', 
	'true_cost', 
	'public_price', 
	'sale_price', 
	'keywords', 
	'category',
	'family' 
  );
  $required_keys = array(
    'sku',
    'name',
    'weight',
    'true_cost',
    'public_price',
    'keywords',
    'category'
  );
  $valid_empty = array_fill_keys($valid_keys, NULL);
  $product = array_intersect_key(($product + $valid_empty),$valid_empty);
  foreach ($required_keys as $req) {
	if ($product[$req] == NULL) {
		return false;
	}
  }
  return true;
}//}}}
function productFlag($post){ // {{{
  $post['sku_list'] = preg_replace('/,$/','',$post['sku_list']);
  $products = explode(',',$post['sku_list']);
  foreach($products as $sku){
      $parent_name='parent|'.$sku;
      $featured_name='featured|'.$sku; // matches the "featured|<sku>" checkbox name in productAdminFamily()
      $enabled_name='enabled|'.$sku;
      if ($post[$enabled_name]){
         mysql_query("UPDATE products SET enabled=true WHERE sku='$sku'");
      } else {
          mysql_query("UPDATE products SET enabled=false WHERE sku='$sku'");
      }
      if ($post[$parent_name] && $post[$featured_name]){
          mysql_query("UPDATE products SET parent=true,featured=true WHERE sku='$sku'");
      } else if ($post[$parent_name]){
          mysql_query("UPDATE products SET parent=true WHERE sku='$sku'");
      } else if ($post[$featured_name]){
          mysql_query("UPDATE products SET featured=true WHERE sku='$sku'");
      } else {
          mysql_query("UPDATE products SET parent=NULL,featured=NULL WHERE sku='$sku'");
      }
    }  
}//}}}
function couponAdminList(){ //{{{
    ?>
    <h3>Add New Coupon</h3>
    <form method="post" action="<? $_SERVER['PHP_SELF'] ?>">
        <label>Code</label><input type="text" name="code" value=""/>
        <label>Description</label><input type="text" name="description" value=""/>
        <label>Discount</label><input type="text" name="discount" value=""/>
        <label>Initiation</label><input type="text" name="initiation" value=""/>
        <label>Expiration</label><input type="text" name="expiration" value=""/>
        <label>Categories</label>
        <table class="coupon-categories">
          <?
	   $query = mysql_query('SELECT * FROM categories');
	   while ($current_row = mysql_fetch_array($query)){
	     $categories[$current_row['category']] = $current_row['category_name'];
	   }
	   ?>
          <tr>
	    <? foreach ($categories as $category => $category_name){ ?>
            <td><? echo $category ?></td>
	    <? } ?>
          </tr>
          <tr>
	    <? foreach ($categories as $category => $category_name){ ?>
            <td><? echo $category_name ?></td>
	    <? } ?>
          </tr>
          <tr>
	    <? foreach ($categories as $category => $category_name){ ?>
            <td><input type="checkbox" name="categories[]" value="<? echo $category ?>"></td>
	    <? } ?>
          </tr>
      </table>
      <label>Product Families</label>
      <select class="multiselect" multiple name="families[]">
      <option></option>
      <?
	   $query = mysql_query('SELECT DISTINCT family FROM products');
	   while ($current_row = mysql_fetch_array($query)){
	   ?><option><? echo $current_row['family'] ?></option><?
	   }
      ?>
      </select>
        <input type="submit" value="Add">
    </form>
    <h3>Existing Coupons</h3>
    <table>
      <tr>
        <td>Code</td>
        <td>Description</td>
        <td>Discount</td>
        <td>Initiation</td>
        <td>Expiration</td>
        <td>Categories</td>
        <td>Families</td>
        <!--
	<td>Times Used</td>
        <td>Total Saved</td>
	-->
        <td>Delete Link</td>
      </tr>
    <?
    if ($query=mysql_query("SELECT * FROM coupons ORDER BY id DESC")){
    while ($current_row = mysql_fetch_array($query)) {
	?>
     <tr>
        <td><? echo $current_row['code'] ?></td> 
        <td><? echo $current_row['description'] ?></td> 
        <td><? echo $current_row['discount'] ?>%</td> 
        <td><? echo $current_row['initiation'] ?></td> 
        <td><? echo $current_row['expiration'] ?></td> 
        <td><? echo $current_row['categories'] ?></td> 
        <td><? echo $current_row['families'] ?></td> 
        <!--
	<td><? echo $current_row['total_used'] ?></td> 
        <td><? echo $current_row['total_saved'] ?></td> 
	-->
        <td><a href="/admin/coupon/delete/<? echo $current_row['code'] ?>">Delete</a></td> 
     </tr>
   <?
	}
    ?>
        </table>
    <?
  }
}//}}}
function couponDelete($coupon){
 mysql_query("DELETE FROM coupons where code='$coupon'");
}
function couponInsert($coupon){ // {{{
  global $db_username,$db_password,$db_server,$db_name;	
  $valid_keys = array(
    'code',
    'description',
    'initiation',
    'expiration',
    'discount', 
    'categories', 
    'families' 
  );
  $valid_empty = array_fill_keys($valid_keys, NULL);
  $coupon = array_intersect_key(($coupon + $valid_empty),$valid_empty);
  $required_keys = array(
      'code',
      'description',
      'discount',
  );
  foreach ($required_keys as $key) {
      if ($coupon[$key] == NULL) {
          $coupon['fail'][] = $key;
      }
  }
  if ($coupon['fail']) {
      return $coupon;
  }
  if ($query=mysql_query("SELECT id FROM coupons WHERE code='$coupon[code]'")){
    $id_array=mysql_fetch_array($query);
	$id=$id_array['id'];
  }
  if ($coupon['categories']){
  $coupon['categories']=implode(',',$coupon['categories']);
  }
  if ($coupon['families']){
  $coupon['families']=implode(',',$coupon['families']);
  }
  if (!mysql_query("
    INSERT 
	coupons (
	  id,	
	  code,
	  description,
	  initiation,
	  expiration,
	  discount,
	  categories,
	  families
    ) 
	VALUES (
	  '$id',
	  '$coupon[code]',
	  '$coupon[description]',
	  '$coupon[initiation]',
	  '$coupon[expiration]',
	  '$coupon[discount]',
	  '$coupon[categories]',
	  '$coupon[families]'
    ) 
	ON DUPLICATE KEY UPDATE 
	  code='$coupon[code]',
	  description='$coupon[description]',
	  discount='$coupon[discount]',
	  categories='$coupon[categories]',
	  families='$coupon[families]'
	  ")){
   echo mysql_error();
   exit;
   }
} ///}}}
?>


You really need to take a look at the SQL command. I normally load it into a variable (then echo it).


Post the reply and we'll be able to better help.
$sql_command = "
    INSERT 
	products (
	  id,	
	  sku,
	  pentad_sku,
	  name,
	  overview,
	  experience,
	  specifications,
          assembly,
          capacity,
          application,
          additional,
	  weight,
	  true_cost,
	  public_price,
	  sale_price,
	  keywords,
	  category,
          list_weight,
	  family,
	  parent
    ) 
	VALUES (
	  '$id',
	  '$product[sku]',
	  '$product[pentad_sku]',
	  '$product[name]',
	  '$product[overview]',
	  '$product[experience]',
	  '$product[specifications]',
	  '$product[assembly]',
	  '$product[capacity]',
	  '$product[application]',
	  '$product[additional]',
	  '$product[weight]',
	  '$product[true_cost]',
	  '$product[public_price]',
	  '$product[sale_price]',
	  '$product[keywords]',
	  '$product[category]',
	  '$product[list_weight]',
	  '$product[family]',
	  '$parent'
    ) 
	ON DUPLICATE KEY UPDATE 
	  sku='$product[sku]',
	  pentad_sku='$product[pentad_sku]',
	  name='$product[name]',
	  overview='$product[overview]',
	  experience='$product[experience]',
	  specifications='$product[specifications]',
	  assembly='$product[assembly]',
	  capacity='$product[capacity]',
	  application='$product[application]',
	  additional='$product[additional]',
	  weight='$product[weight]',
	  true_cost='$product[true_cost]',
	  public_price='$product[public_price]',
	  sale_price='$product[sale_price]',
	  keywords='$product[keywords]',
	  category='$product[category]',
	  list_weight='$product[list_weight]'
	  family='$product[family]'
	  ";
mysql_query($sql_command); // run it so mysql_errno() and mysql_error() below report on this query

//then I use this to echo the command and error reply
// I first set $debug at the top of the script
$debug=TRUE;

if (mysql_errno() or $debug)
  echo "line: ". __LINE__ ."<br />\n".$sql_command."<br />\n".mysql_errno().": ".mysql_error()."<br />\n";


Author

Commented:
Ok, after inputting the code you suggested, this is the reply that came back
line: 751

1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'family='Bull Flex Hay Tarp'' at line 64

Warning: Cannot modify header information - headers already sent by (output started at /home/inland/public_html/includes/adminFunctions.php:751) in /home/inland/public_html/admin.php on line 106


Ok, this is progress.

You're missing a comma after '$product[list_weight]'
list_weight='$product[list_weight]'
	  family='$product[family]'
	  ");

// should be

list_weight='$product[list_weight]',
	  family='$product[family]'
	  ");

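An added example, not part of the original thread or the site's code: the same `INSERT ... ON DUPLICATE KEY UPDATE` generated from a single column whitelist and run as a PDO prepared statement, so a dropped comma cannot occur and form values are bound rather than interpolated into the SQL. It assumes PHP 7.4+, a PDO MySQL connection and a UNIQUE index on `products.sku`; the function names, the sample product and the connection details are hypothetical.

```php
<?php
// Added example (not the site's code): build the upsert from one column
// whitelist so the column list, placeholders and UPDATE list cannot drift apart.

// Subset of the thread's column names; extend with the remaining columns.
const PRODUCT_COLUMNS = ['sku', 'name', 'family', 'weight', 'public_price', 'list_weight'];

function buildProductUpsert(array $columns): string
{
    // Column names come only from the constant above, never from user input.
    $placeholders = array_map(fn($c) => ':' . $c, $columns);
    $updates      = array_map(fn($c) => "$c = VALUES($c)", $columns);
    return 'INSERT INTO products (' . implode(', ', $columns) . ') '
         . 'VALUES (' . implode(', ', $placeholders) . ') '
         . 'ON DUPLICATE KEY UPDATE ' . implode(', ', $updates);
}

function productUpsert(PDO $pdo, array $product): bool
{
    // Keep only whitelisted keys; missing ones become NULL.
    $params = [];
    foreach (PRODUCT_COLUMNS as $col) {
        $params[':' . $col] = $product[$col] ?? null;
    }
    try {
        // Values are bound, so quotes in a name cannot alter the statement.
        $stmt = $pdo->prepare(buildProductUpsert(PRODUCT_COLUMNS));
        return $stmt->execute($params);
    } catch (PDOException $e) {
        // Log server-side; echoing here would also trigger "headers already sent".
        error_log('productUpsert failed: ' . $e->getMessage());
        return false;
    }
}

// Constructed sample input; the apostrophe would break the interpolated query.
$sample = ['sku' => 'EX-001', 'name' => "Farmer's Hay Tarp", 'family' => 'Bull Flex Hay Tarp',
           'weight' => '12', 'public_price' => '99.00', 'list_weight' => '1'];
echo buildProductUpsert(PRODUCT_COLUMNS), "\n";

// Assumed connection details (placeholders); requires a UNIQUE index on products.sku.
// $pdo = new PDO('mysql:host=localhost;dbname=example;charset=utf8mb4', 'user', 'pass',
//                [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
// productUpsert($pdo, $sample);
```

The same pattern applies to the `coupons` upsert and to the `UPDATE`/`DELETE` statements in `productFlag()` and `couponDelete()`, which also place request values directly inside the SQL string.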

Author

Commented:
Well, that fixed one issue, but now another has arisen. For some reason it is not taking photo uploads for the products, which is controlled on the same adminfunctions.php page. Any ideas?
Quick ideas: check file size limits on uploads.

Author

Commented:
Got it, thanks!