Problem to create admin section for e-commerce web site

mustahid_ara
Forum Newbie
Posts: 2
Joined: Sun Jun 29, 2008 11:24 pm

Problem to create admin section for e-commerce web site

Post by mustahid_ara »

My problem is that when I log in to the admin section, I visit the index page in the admin section, but in the admin section I can't visit any link. If I click any link, then I get an error message (this page cannot find the server). I think this problem is in config.php. In the config section I can't understand what "webroot and docroot" are. Please explain them to me.

//config.php

<?php
//ini_set('display_errors', 'On');
//ob_start("ob_gzhandler");
//error_reporting(E_ALL);
 
// start the session
session_start();
 
// database connection config
$dbHost = 'localhost';
$dbUser = 'root';
$dbPass = '';
$dbName = 'plaincart';
 
// setting up the web root and server root for
// this shopping cart application
$thisFile = str_replace('\\', '/', __FILE__);
$docRoot = $_SERVER['DOCUMENT_ROOT'];
 
$webRoot  = str_replace(array($docRoot, 'library/config.php'), '', $thisFile);
$srvRoot  = str_replace('library/config.php', '', $thisFile);
 
define('WEB_ROOT', $webRoot);
define('SRV_ROOT', $srvRoot);
 
// these are the directories where we will store all
// category and product images
define('CATEGORY_IMAGE_DIR', 'images/category/');
define('PRODUCT_IMAGE_DIR',  'images/product/');
 
// some size limitation for the category
// and product images
 
// all category image width must not 
// exceed 75 pixels
define('MAX_CATEGORY_IMAGE_WIDTH', 75);
 
// do we need to limit the product image width?
// setting this value to 'true' is recommended
define('LIMIT_PRODUCT_WIDTH',     true);
 
// maximum width for all product image
define('MAX_PRODUCT_IMAGE_WIDTH', 300);
 
// the width for product thumbnail
define('THUMBNAIL_WIDTH',         75);
 
if (!get_magic_quotes_gpc()) {
    if (isset($_POST)) {
        foreach ($_POST as $key => $value) {
            $_POST[$key] =  trim(addslashes($value));
        }
    }
    
    if (isset($_GET)) {
        foreach ($_GET as $key => $value) {
            $_GET[$key] = trim(addslashes($value));
        }
    }   
}
 
// since all page will require a database access
// and the common library is also used by all
// it's logical to load these library here
require_once 'database.php';
require_once 'common.php';
 
// get the shop configuration ( name, addres, etc ), all page need it
$shopConfig = getShopConfig();
?>

//database.php

<?php
require_once 'config.php';
 
$dbConn = mysql_connect ($dbHost, $dbUser, $dbPass) or die ('MySQL connect failed. ' . mysql_error());
mysql_select_db($dbName) or die('Cannot select database. ' . mysql_error());
 
function dbQuery($sql)
{
    $result = mysql_query($sql) or die(mysql_error());
    
    return $result;
}
 
function dbAffectedRows()
{
    global $dbConn;
    
    return mysql_affected_rows($dbConn);
}
 
function dbFetchArray($result, $resultType = MYSQL_NUM) {
    return mysql_fetch_array($result, $resultType);
}
 
function dbFetchAssoc($result)
{
    return mysql_fetch_assoc($result);
}
 
function dbFetchRow($result) 
{
    return mysql_fetch_row($result);
}
 
function dbFreeResult($result)
{
    return mysql_free_result($result);
}
 
function dbNumRows($result)
{
    return mysql_num_rows($result);
}
 
function dbSelect($dbName)
{
    return mysql_select_db($dbName);
}
 
function dbInsertId()
{
    return mysql_insert_id();
}
?>
//login.php

<?php
require_once '../library/config.php';
require_once './library/functions.php';
 
$errorMessage = '&nbsp;';
 
if (isset($_POST['txtUserName'])) {
    $result = doLogin();
    
    if ($result != '') {
        $errorMessage = $result;
    }
}
 
?>
<html>
<head>
<title>Shop Admin - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="include/admin.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
 <tr> 
  <td><img src="include/banner-top.gif" width="750" height="75"></td>
 </tr>
 <tr> 
  <td valign="top"> <table width="100%" border="0" cellspacing="0" cellpadding="20">
    <tr> 
     <td class="contentArea"> <form method="post" name="frmLogin" id="frmLogin">
       <p>&nbsp;</p>
       <table width="350" border="0" align="center" cellpadding="5" cellspacing="1" bgcolor="#336699" class="entryTable">
        <tr id="entryTableHeader"> 
         <td>:: Admin Login ::</td>
        </tr>
        <tr> 
         <td class="contentArea"> 
         <div class="errorMessage" align="center"><?php echo $errorMessage; ?></div>
          <table width="100%" border="0" cellpadding="2" cellspacing="1" class="text">
           <tr align="center"> 
            <td colspan="3">&nbsp;</td>
           </tr>
           <tr class="text"> 
            <td width="100" align="right">User Name</td>
            <td width="10" align="center">:</td>
            <td><input name="txtUserName" type="text" class="box" id="txtUserName" size="10" maxlength="20"></td>
           </tr>
           <tr> 
            <td width="100" align="right">Password</td>
            <td width="10" align="center">:</td>
            <td><input name="txtPassword" type="password" class="box" id="txtPassword" size="10"></td>
           </tr>
           <tr> 
            <td colspan="2">&nbsp;</td>
            <td><input name="btnLogin" type="submit" class="box" id="btnLogin" value="Login"></td>
           </tr>
          </table></td>
        </tr>
       </table>
       <p>&nbsp;</p>
      </form></td>
    </tr>
   </table></td>
 </tr>
</table>
<p>&nbsp;</p>
</body>
</html>

//index.php

<?php
require_once '../library/config.php';
require_once './library/functions.php';
 
checkUser();
 
$content = 'main.php';
 
$pageTitle = 'Shop Admin';
$script = array();
 
require_once 'include/template.php';
?>
 
//main.php
<p align="center">Admin Main Page</p>
<p align="center">Choose a menu from the left navigation to get started</p>

//this is the category section, which I can't open from the admin section

//admin/category/add.php

<?php
if (!defined('WEB_ROOT')) {
    exit;
}
 
 
// cast to int: the value is echoed into the hidden field and the Cancel URL below
$parentId = (isset($_GET['parentId']) && (int)$_GET['parentId'] > 0) ? (int)$_GET['parentId'] : 0;
?> 
 
<form action="processCategory.php?action=add" method="post" enctype="multipart/form-data" name="frmCategory" id="frmCategory">
 <p align="center" class="formTitle">Add Category</p>
 
 <table width="100%" border="0" align="center" cellpadding="5" cellspacing="1" class="entryTable">
  <tr> 
   <td width="150" class="label">Category Name</td>
   <td class="content"> <input name="txtName" type="text" class="box" id="txtName" size="30" maxlength="50"></td>
  </tr>
  <tr> 
   <td width="150" class="label">Description</td>
   <td class="content"> <textarea name="mtxDescription" cols="50" rows="4" class="box" id="mtxDescription"></textarea></td>
  </tr>
  <tr> 
   <td width="150" class="label">Image</td>
   <td class="content"> <input name="fleImage" type="file" id="fleImage" class="box"> 
    <input name="hidParentId" type="hidden" id="hidParentId" value="<?php echo $parentId; ?>"></td>
  </tr>
 </table>
 <p align="center"> 
  <input name="btnAddCategory" type="button" id="btnAddCategory" value="Add Category" onClick="checkCategoryForm();" class="box">
  &nbsp;&nbsp;<input name="btnCancel" type="button" id="btnCancel" value="Cancel" onClick="window.location.href='index.php?catId=<?php echo $parentId; ?>';" class="box">  
 </p>
</form>
//admin/category/index.php

<?php
require_once '../../library/config.php';
require_once '../library/functions.php';
 
$_SESSION['login_return_url'] = $_SERVER['REQUEST_URI'];
checkUser();
 
$view = (isset($_GET['view']) && $_GET['view'] != '') ? $_GET['view'] : '';
 
switch ($view) {
    case 'list' :
        $content    = 'list.php';       
        $pageTitle  = 'Shop Admin Control Panel - View Category';
        break;
 
    case 'add' :
        $content    = 'add.php';        
        $pageTitle  = 'Shop Admin Control Panel - Add Category';
        break;
 
    case 'modify' :
        $content    = 'modify.php';     
        $pageTitle  = 'Shop Admin Control Panel - Modify Category';
        break;
 
    default :
        $content    = 'list.php';       
        $pageTitle  = 'Shop Admin Control Panel - View Category';
}
 
 
$script    = array('category.js');
 
require_once '../include/template.php';
?>

//admin/category/processcategory.php

<?php
require_once '../../library/config.php';
require_once '../library/functions.php';
 
checkUser();
 
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {
    
    case 'add' :
        addCategory();
        break;
      
    case 'modify' :
        modifyCategory();
        break;
        
    case 'delete' :
        deleteCategory();
        break;
    
    case 'deleteImage' :
        deleteImage();
        break;
    
       
    default :
        // if action is not defined or unknown
        // move to main category page
        header('Location: index.php');
}
 
 
/*
    Add a category
*/
function addCategory()
{
    $name        = $_POST['txtName'];
    $description = $_POST['mtxDescription'];
    $image       = $_FILES['fleImage'];
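    // cast to int: $parentId goes into the INSERT unquoted, where the
    // addslashes() applied in config.php gives no protection
    $parentId    = (int)$_POST['hidParentId'];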
    
    $catImage = uploadImage('fleImage', SRV_ROOT . 'images/category/');
    
    $sql   = "INSERT INTO tbl_category (cat_parent_id, cat_name, cat_description, cat_image) 
              VALUES ($parentId, '$name', '$description', '$catImage')";
    $result = dbQuery($sql) or die('Cannot add category' . mysql_error());
    
    header('Location: index.php?catId=' . $parentId);              
}
 
/*
    Upload an image and return the uploaded image name 
*/
function uploadImage($inputName, $uploadDir)
{
    $image     = $_FILES[$inputName];
    $imagePath = '';
    
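    // if a file is given
    if (trim($image['tmp_name']) != '') {
        // get the image extension (lower-cased for the check below)
        $ext = strtolower(substr(strrchr($image['name'], "."), 1));

        // getimagesize() returns false when the file is not an image
        $size = getimagesize($image['tmp_name']);

        // accept only real images with an image extension, so a script file
        // can never be stored in the web-served image directory
        // (the extension list is an assumption; adjust it to what createThumbnail supports)
        if ($size === false || !in_array($ext, array('jpg', 'jpeg', 'gif', 'png'))) {
            return '';
        }

        // generate a random new file name to avoid name conflict
        $imagePath = md5(rand() * time()) . ".$ext";
        
        // check the image width. if it exceed the maximum
        // width we must resize it
        if ($size[0] > MAX_CATEGORY_IMAGE_WIDTH) {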
            $imagePath = createThumbnail($image['tmp_name'], $uploadDir . $imagePath, MAX_CATEGORY_IMAGE_WIDTH);
        } else {
            // move the image to category image directory
            // if fail set $imagePath to empty string
            if (!move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath)) {
                $imagePath = '';
            }
        }   
    }
 
    
    return $imagePath;
}
 
/*
    Modify a category
*/
function modifyCategory()
{
    $catId       = (int)$_GET['catId'];
    $name        = $_POST['txtName'];
    $description = $_POST['mtxDescription'];
    $image       = $_FILES['fleImage'];
    
    $catImage = uploadImage('fleImage', SRV_ROOT . 'images/category/');
    
    // if uploading a new image
    // remove old image
    if ($catImage != '') {
        _deleteImage($catId);
        $catImage = "'$catImage'";
    } else {
        // leave the category image as it was
        $catImage = 'cat_image';
    }
     
    $sql    = "UPDATE tbl_category 
               SET cat_name = '$name', cat_description = '$description', cat_image = $catImage
               WHERE cat_id = $catId";
           
    $result = dbQuery($sql) or die('Cannot update category. ' . mysql_error());
    header('Location: index.php');              
}
 
/*
    Remove a category
*/
function deleteCategory()
{
    if (isset($_GET['catId']) && (int)$_GET['catId'] > 0) {
        $catId = (int)$_GET['catId'];
    } else {
        header('Location: index.php');
        exit; // stop here, otherwise the code below runs with $catId undefined
    }
    
    // find all the children categories
    $children = getChildren($catId);
    
    // make an array containing this category and all it's children
    $categories  = array_merge($children, array($catId));
    $numCategory = count($categories);
 
    // remove all product image & thumbnail 
    // if the product's category is in  $categories
    $sql = "SELECT pd_id, pd_image, pd_thumbnail
            FROM tbl_product
            WHERE cat_id IN (" . implode(',', $categories) . ")";
    $result = dbQuery($sql);
    
    while ($row = dbFetchAssoc($result)) {
        @unlink(SRV_ROOT . PRODUCT_IMAGE_DIR . $row['pd_image']);   
        @unlink(SRV_ROOT . PRODUCT_IMAGE_DIR . $row['pd_thumbnail']);
    }
    
    // delete the products
    $sql = "DELETE FROM tbl_product
            WHERE cat_id IN (" . implode(',', $categories) . ")";
    dbQuery($sql);
    
    // then remove the categories image
    _deleteImage($categories);
 
    // finally remove the category from database;
    $sql = "DELETE FROM tbl_category 
            WHERE cat_id IN (" . implode(',', $categories) . ")";
    dbQuery($sql);
    
    header('Location: index.php');
}
 
 
/*
    Recursively find all children of $catId
*/
function getChildren($catId)
{
    $sql = "SELECT cat_id ".
           "FROM tbl_category ".
           "WHERE cat_parent_id = $catId ";
    $result = dbQuery($sql);
    
    $cat = array();
    if (dbNumRows($result) > 0) {
        while ($row = dbFetchRow($result)) {
            $cat[] = $row[0];
            
            // call this function again to find the children
            $cat  = array_merge($cat, getChildren($row[0]));
        }
    }
 
    return $cat;
}
 
 
/*
    Remove a category image
*/
function deleteImage()
{
    if (isset($_GET['catId']) && (int)$_GET['catId'] > 0) {
        $catId = (int)$_GET['catId'];
    } else {
        header('Location: index.php');
        exit; // stop here, otherwise the code below runs with $catId undefined
    }
    
    _deleteImage($catId);
    
    // update the image name in the database
    $sql = "UPDATE tbl_category
            SET cat_image = ''
            WHERE cat_id = $catId";
    dbQuery($sql);        
 
    header("Location: index.php?view=modify&catId=$catId");
}
 
/*
    Delete a category image where category = $catId
*/
function _deleteImage($catId)
{
    // we will return the status
    // whether the image deleted successfully
    $deleted = false;
 
    // get the image(s)
    $sql = "SELECT cat_image 
            FROM tbl_category
            WHERE cat_id ";
    
    if (is_array($catId)) {
        $sql .= " IN (" . implode(',', $catId) . ")";
    } else {
        $sql .= " = $catId";
    }   
 
    $result = dbQuery($sql);
    
    if (dbNumRows($result)) {
        while ($row = dbFetchAssoc($result)) {
            // delete the image file
            $deleted = @unlink(SRV_ROOT . CATEGORY_IMAGE_DIR . $row['cat_image']);
        }   
    }
    
    return $deleted;
}
 
?>
//admin/include/template.php

<?php
//if (!defined('WEB_ROOT')) {
    //exit;
//}
 
$self = WEB_ROOT . 'admin/index.php';
?>
<html>
<head>
<title><?php echo $pageTitle; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="<?php echo WEB_ROOT;?>admin/include/admin.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/javascript" src="<?php echo WEB_ROOT;?>library/common.js"></script>
<?php
$n = count($script);
for ($i = 0; $i < $n; $i++) {
    if ($script[$i] != '') {
        echo '<script language="JavaScript" type="text/javascript" src="' . WEB_ROOT. 'admin/library/' . $script[$i]. '"></script>';
    }
}
?>
</head>
<body>
<table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
  <tr>
    <td colspan="2"><img src="<?php echo WEB_ROOT; ?>admin/include/banner-top.gif" width="750" height="75"></td>
  </tr>
  <tr>
    <td width="150" valign="top" class="navArea"><p>&nbsp;</p>
      <a href="<?php echo WEB_ROOT; ?>admin/" class="leftnav">Home</a> 
      <a href="<?php echo WEB_ROOT; ?>admin/category/" class="leftnav">Category</a>
      <a href="<?php echo WEB_ROOT; ?>admin/product/" class="leftnav">Product</a> 
      <a href="<?php echo WEB_ROOT; ?>admin/order/?status=Paid" class="leftnav">Order</a> 
      <a href="<?php echo WEB_ROOT; ?>admin/config/" class="leftnav">Shop Config</a> 
      <a href="<?php echo WEB_ROOT; ?>admin/user/" class="leftnav">User</a> 
      <a href="<?php echo $self; ?>?logout" class="leftnav">Logout</a>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <p>&nbsp;</p></td>
    <td width="600" valign="top" class="contentArea"><table width="100%" border="0" cellspacing="0" cellpadding="20">
        <tr>
          <td>
<?php
require_once $content;   
?>
          </td>
        </tr>
      </table></td>
  </tr>
</table>
<p>&nbsp;</p>
<p align="center">Copyright &copy; 2005 - <?php echo date('Y'); ?> <a href="http://www.phpwebcommerce.com"> http://www.phpwebcommerce.com</a></p>
</body>
</html>
thanks.
mustahid ara
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Problem to create admin section for e-commerce web site

Post by Christopher »

That is a lot of code for people to look through. Please tell us where you think the error is in the code?
(#10850)
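
On the "webroot and docroot" question, the following PHP example is added here and is not part of either post or of the shopping-cart code. It runs the WEB_ROOT / SRV_ROOT calculation from config.php on constructed paths to show what each value means and how a DOCUMENT_ROOT that differs only in case, slashes or a trailing slash leaves a filesystem path in WEB_ROOT, which then ends up in every navigation link of template.php. The function names rootsAsPosted and rootsNormalised and all sample paths are hypothetical.

```php
<?php
// Added example. All paths below are constructed sample values.

// Same logic as the posted config.php, with __FILE__ and
// $_SERVER['DOCUMENT_ROOT'] passed in as arguments.
function rootsAsPosted($thisFile, $docRoot)
{
    $thisFile = str_replace('\\', '/', $thisFile);
    $webRoot  = str_replace(array($docRoot, 'library/config.php'), '', $thisFile);
    $srvRoot  = str_replace('library/config.php', '', $thisFile);
    return array($webRoot, $srvRoot);
}

// Hypothetical variant: normalise both paths, compare the prefix
// case-insensitively, and refuse to guess when the application does not
// live under the document root. Assumes the file is library/config.php.
function rootsNormalised($thisFile, $docRoot)
{
    $thisFile = str_replace('\\', '/', $thisFile);
    $docRoot  = rtrim(str_replace('\\', '/', $docRoot), '/');
    // SRV_ROOT: filesystem directory of the application, with trailing slash
    $srvRoot  = substr($thisFile, 0, -strlen('library/config.php'));

    if (strncasecmp($srvRoot, $docRoot . '/', strlen($docRoot) + 1) !== 0) {
        return false; // not under the document root, no URL path exists
    }
    // WEB_ROOT: the same directory as a URL path, e.g. "/plaincart/"
    $webRoot = substr($srvRoot, strlen($docRoot));
    return array($webRoot, $srvRoot);
}

$samples = array(
    // array(__FILE__, DOCUMENT_ROOT)
    array('/var/www/html/plaincart/library/config.php', '/var/www/html'),
    array('C:\\xampp\\htdocs\\plaincart\\library\\config.php', 'C:/xampp/htdocs'),
    array('C:\\xampp\\htdocs\\plaincart\\library\\config.php', 'c:/xampp/htdocs/'),
    array('C:\\xampp\\htdocs\\plaincart\\library\\config.php', 'C:\\xampp\\htdocs'),
);

foreach ($samples as $s) {
    list($file, $doc) = $s;
    list($webOld)     = rootsAsPosted($file, $doc);
    $new              = rootsNormalised($file, $doc);
    printf("DOCUMENT_ROOT=%-18s posted WEB_ROOT=%-28s normalised WEB_ROOT=%s\n",
        $doc, $webOld, $new === false ? '(outside docroot)' : $new[0]);
}
```

For the last two samples the posted logic yields a WEB_ROOT of C:/xampp/htdocs/plaincart/ instead of /plaincart/, so every link built from WEB_ROOT points at a location the browser cannot resolve.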