Code: Select all
Parse error: parse error, unexpected T_BOOLEAN_AND, expecting ')' in C:\Program Files\Apache Group\Apache2\htdocs\feyd.php on line 40Code: Select all
<?php
<?php
if(isset($_GET['view']))
{
@ $db = mysql_pconnect('localhost','root');
if (!$db)
{
echo 'Error: no record to database. Please try again later.';
exit;
}
mysql_select_db('mobile');
$query = mysql_query("SELECT binImage FROM products WHERE id ='$_GET[view]' LIMIT 1") or die("query failed: ".mysql_error());
if(mysql_num_rows($query) > 0)
{
list($image) = mysql_fetch_row($query);
echo base64_decode($image);
}
exit;
}
?>
<html>
<head>
<title>Admin - Products</title></head>
<body>
<?php
@ $db = mysql_pconnect('localhost','root');
if (!$db)
{
echo 'Error: no record to database. Please try again later.';
exit;
}
mysql_select_db('mobile');
[u[b]] //line40 here[/u][/b] if(!empty($_POST['product_id']) && !empty($_POST['category_id']) &&!empty($_POST['product']) && !empty($_POST['description']&& !empty($_POST['price']) &&!empty($_FILES['userfile']))
{
if(($info =getimagesize($_FILES['product_image']['tmp_name'])) === false)
{
echo("file uploaded wasn't a known image type");
}
else
{
$sql = "SELECT product_id FROM products WHERE name='$_POST[product]' LIMIT 1";
$query = mysql_query($sql);
if($already = (mysql_num_rows($query) > 0))
{ // image already exists in database, do an update..
$result = mysql_query("UPDATE products SET(category_id,product,description,price,binImage)VALUES('$_POST[category_id]','$_POST[product]','$_POST[description]','$_POST[price]','".base64_encode(file_get_contents($_FILES['userfile']['tmp_name']))."') WHERE txtItemName = '$_POST[txtItemName]' LIMIT 1") or mysql_error();
}
else
{ // image isn't in database
$result = mysql_query("INSERT INTO product(category_id,product,description,price,binImage) VALUES('$_POST[category_id]','$_POST[product]','$_POST[description]','$_POST[price]',".base64_encode(file_get_contents($_FILES['userfile']['tmp_name'])).")") or mysql_error();
}
if(mysql_affected_rows() > 0)
{
if($already > 0)
echo "$_POST[product]'s Category, Description, and Image updated";
else
echo "$_POST[product] added to database.";
echo "<br />\n";
echo "<a href="$_SERVER[SCRIPT_NAME]?update">Add/update another</a> or <ahref="$_SERVER[SCRIPT_NAME]">view all products</a>.";
}
else
{
echo "unable to add/update: $result";
}
}
}
elseif(isset($_GET['update']))
{ // add or update form..
echo<<<EOD
<div style="padding:0;margin:0;margin-bottom:10px">
<form enctype="multipart/form-data" action="$_SERVER[SCRIPT_NAME]" method="post">
Choose a product category <br>
<select name="category_id" id="select">
<option value="0" SELECTED>0</option>
EOD;
$query = mysql_query("SELECT category_id,category FROM category WHERE 1") or die(mysql_error());
while($row = mysql_fetch_assoc($query) or die(mysql_error()) {
echo "<option value="$row[id]">$row[id]-> $row[name]</option>\n";
}
echo<<<EOD
</select>
<br>
item name<br>
<input type="text" name="product"><br>
item description<br>
<input type="text" name="description"><br>
item price<br>
<input type="text" name="price"><br>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
File:
<input name="userfile" type="file">
<input type="submit" value="Upload">
</div>
EOD;
}
else
{ // view all products
$query = mysql_query("SELECT p.id,p.product,c.category,p.description,p.price FROM products p,category c WHERE p.category_id = c.category_id") or mysql_error();
if(mysql_num_rows($query) == 0)
{
echo "failed to find records: $query";
}
else
{
while($row = mysql_fetch_assoc($query))
{
echo<<<EOD
<div style="padding:0;margin:0;margin-bottom:10px">
<div style="border:0;border-bottom:1px dashedblack">$row[id] :: $row[product] :: $row[category</div>
<div><img src="$_SERVER[SCRIPT_NAME]?view=$row[id]"align=left>$row[description]</div>
</div>
EOD;
}
echo<<<EOD
<div style="padding:0;margin:0;margin-bottom:10px">
<form enctype="multipart/form-data" action="$_SERVER[SCRIPT_NAME]"method="post">
Choose a product category <br>
<select name="category_id" id="select">
<option value="0" SELECTED>0</option>
EOD;
$query = mysql_query("SELECT category_id,category FROM category WHERE 1") or die(mysql_error());
while($row = mysql_fetch_assoc($query) or die(mysql_error())
{
echo "<option value="$row[id]">$row[id]-> $row[name]</option>\n";
}
echo<<<EOD
</select>
<br>
item name<br>
<input type="text" name="product"><br>
item description<br>
<input type="text" name="description"><br>
item price<br>
<input type="text" name="price"><br>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
File:
<input name="userfile" type="file">
<input type="submit" value="Upload">
</div>
EOD;
}
}
?>
</body>
</html>
?>