Problem to create admin section for e-commerce web site
Posted: Mon Jun 30, 2008 12:08 am
My problem is that when I log in to the admin section, I can visit the index page of the admin section, but I can't visit any link from there. If I click any link, I get an error message ("this page can not find the server"). I think the problem is in config.php. In the config section I can't understand what "webroot" and "docroot" are. Please explain them to me.
//config.php
//database.php
//login.php
//index.php
//this is the category section, which I can't open from the admin section
//admin/category/add.php
//admin/category/index.php
//admin/category/processcategory.php
//admin/include/template.php
thanks.
mustahid ara
//config.php
<?php
//ini_set('display_errors', 'On');
//ob_start("ob_gzhandler");
//error_reporting(E_ALL);
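// Harden the session cookie before the session starts. The admin pages rely
// on this session (checkUser(), login_return_url), so keep the session ID
// out of reach of page scripts (HttpOnly) and never accept it from a URL.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_only_cookies', '1');
session_start();

// Database connection settings, read by database.php.
// NOTE(review): these are the stock local-development values (MySQL 'root'
// with an empty password). Before the shop is reachable by anyone else, use
// a dedicated account limited to this one schema, give it a strong password,
// and keep the real values out of forum posts and version control.
$dbHost = 'localhost';
$dbUser = 'root';
$dbPass = '';
$dbName = 'plaincart';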
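// Work out the two base paths of the shop from the location of this file:
//   SRV_ROOT - filesystem path of the application directory (with trailing
//              slash); used for file operations such as image uploads
//   WEB_ROOT - the same directory expressed as a URL path below the web
//              server's document root (for example '/plaincart/'); used to
//              build every link, stylesheet and script URL
// $docRoot is the directory the web server serves as '/'.
$thisFile = str_replace('\\', '/', __FILE__);
$srvRoot  = str_replace('library/config.php', '', $thisFile);

// Normalise DOCUMENT_ROOT the same way as __FILE__ (forward slashes, no
// trailing slash). Without this, a trailing slash, backslashes or a
// different drive-letter case leaves WEB_ROOT without its leading '/' or as
// a full filesystem path, and every link built from it returns "not found".
$docRoot = isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '';
$docRoot = rtrim(str_replace('\\', '/', $docRoot), '/');

if ($docRoot !== '' && strncasecmp($srvRoot, $docRoot, strlen($docRoot)) === 0) {
    // strip only the leading document-root prefix
    $webRoot = substr($srvRoot, strlen($docRoot));
} else {
    // The application is not below the document root (alias, symlink, CLI).
    // WEB_ROOT cannot be derived then; it keeps the filesystem path as
    // before and should be set by hand for such a setup.
    $webRoot = $srvRoot;
}

define('WEB_ROOT', $webRoot);
define('SRV_ROOT', $srvRoot);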
// Image storage locations and size limits, registered as constants:
//   CATEGORY_IMAGE_DIR, PRODUCT_IMAGE_DIR - where category and product
//                                           images are stored
//   MAX_CATEGORY_IMAGE_WIDTH - category images must not exceed 75 pixels
//   LIMIT_PRODUCT_WIDTH      - whether product image width is limited
//                              ('true' is recommended)
//   MAX_PRODUCT_IMAGE_WIDTH  - maximum width for all product images
//   THUMBNAIL_WIDTH          - width of a product thumbnail
$imageSettings = array(
    'CATEGORY_IMAGE_DIR'       => 'images/category/',
    'PRODUCT_IMAGE_DIR'        => 'images/product/',
    'MAX_CATEGORY_IMAGE_WIDTH' => 75,
    'LIMIT_PRODUCT_WIDTH'      => true,
    'MAX_PRODUCT_IMAGE_WIDTH'  => 300,
    'THUMBNAIL_WIDTH'          => 75,
);
foreach ($imageSettings as $constantName => $constantValue) {
    define($constantName, $constantValue);
}
// do not leave the helper variables behind in the global scope
unset($imageSettings, $constantName, $constantValue);
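/*
    Trim and backslash-escape one request value.
    Arrays (fields named like "ids[]") are processed element by element and
    keep their keys; the original loop passed them to addslashes() directly,
    which is an error for an array.
*/
if (!function_exists('_escapeRequestValue')) {
    function _escapeRequestValue($value)
    {
        if (is_array($value)) {
            return array_map('_escapeRequestValue', $value);
        }

        return trim(addslashes($value));
    }
}

// Emulate magic quotes when the server does not apply them.
// get_magic_quotes_gpc() no longer exists in current PHP releases, so its
// absence is treated the same as "magic quotes off".
//
// NOTE(review): addslashes() is not a replacement for SQL escaping. It
// ignores the connection character set and does nothing for a value that is
// placed in a query without quotes (numeric ids). Every query must still
// cast numbers to int; prepared statements are the dependable fix.
if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
    if (isset($_POST)) {
        $_POST = _escapeRequestValue($_POST);
    }

    if (isset($_GET)) {
        $_GET = _escapeRequestValue($_GET);
    }
}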
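// Every page needs the database layer and the common helpers, so they are
// loaded here. The paths are anchored to this file's directory: a bare
// 'database.php' is looked up on include_path and in the current working
// directory first, so a same-named file there would be loaded instead.
require_once dirname(__FILE__) . '/database.php';
require_once dirname(__FILE__) . '/common.php';

// Shop-wide settings (name, address, etc.) that all pages need.
// getShopConfig() is not defined in this file; presumably it comes from
// common.php.
$shopConfig = getShopConfig();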
?>//database.php
<?php
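require_once 'config.php';

// Open the shared connection used by every db*() helper in this file.
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving this
// layer to mysqli or PDO with prepared statements is the longer-term fix.
$dbConn = mysql_connect($dbHost, $dbUser, $dbPass);
if (!$dbConn) {
    // Driver detail goes to the server log only; printing mysql_error() to
    // the browser tells a visitor about hosts, accounts and schema names.
    error_log('MySQL connect failed. ' . mysql_error());
    die('MySQL connect failed.');
}

if (!mysql_select_db($dbName)) {
    error_log('Cannot select database. ' . mysql_error());
    die('Cannot select database.');
}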
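/*
    Run one SQL statement on the shared connection.

    Returns whatever mysql_query() returns on success. On failure the script
    stops here, so callers never see a false result.

    $sql is sent as-is: the caller must have cast every number to int and
    escaped every string before building it.
*/
function dbQuery($sql)
{
    $result = mysql_query($sql);

    if (!$result) {
        // Log the driver message instead of printing it: a raw SQL error
        // in the page shows table and column names to whoever caused it.
        error_log('Query failed. ' . mysql_error());
        die('Database query failed.');
    }

    return $result;
}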
/*
    Affected-row count reported by mysql_affected_rows() for the shared
    $dbConn link
*/
function dbAffectedRows()
{
    global $dbConn;

    $affected = mysql_affected_rows($dbConn);

    return $affected;
}
/*
    Fetch the next row of $result via mysql_fetch_array().
    $resultType is passed straight through; the default is MYSQL_NUM.
*/
function dbFetchArray($result, $resultType = MYSQL_NUM)
{
    $row = mysql_fetch_array($result, $resultType);

    return $row;
}
/*
    Fetch the next row of $result via mysql_fetch_assoc()
*/
function dbFetchAssoc($result)
{
    $row = mysql_fetch_assoc($result);

    return $row;
}
/*
    Fetch the next row of $result via mysql_fetch_row()
*/
function dbFetchRow($result)
{
    $row = mysql_fetch_row($result);

    return $row;
}
/*
    Release $result via mysql_free_result() and return that call's status
*/
function dbFreeResult($result)
{
    $freed = mysql_free_result($result);

    return $freed;
}
/*
    Row count of $result as reported by mysql_num_rows()
*/
function dbNumRows($result)
{
    $rowCount = mysql_num_rows($result);

    return $rowCount;
}
/*
    Switch the active database via mysql_select_db() and return its status
*/
function dbSelect($dbName)
{
    $selected = mysql_select_db($dbName);

    return $selected;
}
/*
    Id returned by mysql_insert_id() for the most recent insert
*/
function dbInsertId()
{
    $insertId = mysql_insert_id();

    return $insertId;
}
?>
<?php
require_once '../library/config.php';
require_once './library/functions.php';
$errorMessage = ' ';
// Attempt a login only when the form was submitted. doLogin() is defined
// in the included library (not shown); a non-empty return value is treated
// as the message to display.
// NOTE(review): $errorMessage is echoed into the page without escaping
// further down. Confirm doLogin() only ever returns fixed text.
if (isset($_POST['txtUserName'])) {
    $result = doLogin();
    $errorMessage = ($result != '') ? $result : $errorMessage;
}
?>
<html>
<head>
<title>Shop Admin - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="include/admin.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
<tr>
<td><img src="include/banner-top.gif" width="750" height="75"></td>
</tr>
<tr>
<td valign="top"> <table width="100%" border="0" cellspacing="0" cellpadding="20">
<tr>
<td class="contentArea"> <form method="post" name="frmLogin" id="frmLogin">
<p> </p>
<table width="350" border="0" align="center" cellpadding="5" cellspacing="1" bgcolor="#336699" class="entryTable">
<tr id="entryTableHeader">
<td>:: Admin Login ::</td>
</tr>
<tr>
<td class="contentArea">
<div class="errorMessage" align="center"><?php echo $errorMessage; ?></div>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="text">
<tr align="center">
<td colspan="3"> </td>
</tr>
<tr class="text">
<td width="100" align="right">User Name</td>
<td width="10" align="center">:</td>
<td><input name="txtUserName" type="text" class="box" id="txtUserName" size="10" maxlength="20"></td>
</tr>
<tr>
<td width="100" align="right">Password</td>
<td width="10" align="center">:</td>
<td><input name="txtPassword" type="password" class="box" id="txtPassword" size="10"></td>
</tr>
<tr>
<td colspan="2"> </td>
<td><input name="btnLogin" type="submit" class="box" id="btnLogin" value="Login"></td>
</tr>
</table></td>
</tr>
</table>
<p> </p>
</form></td>
</tr>
</table></td>
</tr>
</table>
<p> </p>
</body>
</html>//index.php
<?php
// Bootstrap: shop configuration first, then the admin helper library.
require_once '../library/config.php';
require_once './library/functions.php';

// Access check for the admin area. checkUser() is defined in the included
// library and is not shown here.
checkUser();

// Values read by include/template.php: the scripts to load, the page
// title, and the file rendered in the content pane.
$script    = array();
$pageTitle = 'Shop Admin';
$content   = 'main.php';

require_once 'include/template.php';
?>
//main.php
<p align="center">Admin Main Page</p>
<p align="center">Choose a menu from the left navigation to get started</p>//this is category section which is i can't open from the admin section
//admin/category/add.php
<?php
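// This fragment is meant to be pulled in through the admin template, after
// config.php has defined WEB_ROOT. Stop when it is requested directly.
if (!defined('WEB_ROOT')) {
    exit;
}

// parentId is echoed below into an HTML attribute and into an inline
// JavaScript URL. The original kept the raw request text whenever it
// compared as greater than zero, so text that merely started with a digit
// reached the page unchanged. Reduce it to a non-negative integer.
$parentId = 0;
if (isset($_GET['parentId']) && is_scalar($_GET['parentId'])) {
    $parentId = max(0, (int) $_GET['parentId']);
}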
?>
<form action="processCategory.php?action=add" method="post" enctype="multipart/form-data" name="frmCategory" id="frmCategory">
<p align="center" class="formTitle">Add Category</p>
<table width="100%" border="0" align="center" cellpadding="5" cellspacing="1" class="entryTable">
<tr>
<td width="150" class="label">Category Name</td>
<td class="content"> <input name="txtName" type="text" class="box" id="txtName" size="30" maxlength="50"></td>
</tr>
<tr>
<td width="150" class="label">Description</td>
<td class="content"> <textarea name="mtxDescription" cols="50" rows="4" class="box" id="mtxDescription"></textarea></td>
</tr>
<tr>
<td width="150" class="label">Image</td>
<td class="content"> <input name="fleImage" type="file" id="fleImage" class="box">
<input name="hidParentId" type="hidden" id="hidParentId" value="<?php echo $parentId; ?>"></td>
</tr>
</table>
<p align="center">
<input name="btnAddCategory" type="button" id="btnAddCategory" value="Add Category" onClick="checkCategoryForm();" class="box">
<input name="btnCancel" type="button" id="btnCancel" value="Cancel" onClick="window.location.href='index.php?catId=<?php echo $parentId; ?>';" class="box">
</p>
</form>
<?php
require_once '../../library/config.php';
require_once '../library/functions.php';

// Remember the requested URL before the access check runs.
// NOTE(review): the code that later redirects to login_return_url is not
// shown here. Confirm it only accepts local paths.
$_SESSION['login_return_url'] = $_SERVER['REQUEST_URI'];
checkUser();

if (isset($_GET['view']) && $_GET['view'] != '') {
    $view = $_GET['view'];
} else {
    $view = '';
}

// The request only selects among fixed file names. 'list', an empty view
// and any unknown value all show the category list.
$content   = 'list.php';
$pageTitle = 'Shop Admin Control Panel - View Category';

if ($view == 'add') {
    $content   = 'add.php';
    $pageTitle = 'Shop Admin Control Panel - Add Category';
} elseif ($view == 'modify') {
    $content   = 'modify.php';
    $pageTitle = 'Shop Admin Control Panel - Modify Category';
}

$script = array('category.js');

require_once '../include/template.php';
?>//admin/category/processcategory.php
<?php
require_once '../../library/config.php';
require_once '../library/functions.php';

checkUser();

$action = '';
if (isset($_GET['action'])) {
    $action = $_GET['action'];
}

// Dispatch to the handler for the requested action.
// NOTE(review): 'delete' and 'deleteImage' take catId from the query
// string, so a plain GET link changes data. No per-request token check is
// visible in this file; consider POST plus a session-bound token.
if ($action == 'add') {
    addCategory();
} elseif ($action == 'modify') {
    modifyCategory();
} elseif ($action == 'delete') {
    deleteCategory();
} elseif ($action == 'deleteImage') {
    deleteImage();
} else {
    // if action is not defined or unknown
    // move to main category page
    header('Location: index.php');
}
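/*
    Add a category

    Reads txtName, mtxDescription and hidParentId from $_POST, stores the
    uploaded 'fleImage' file (if any), inserts the category row and
    redirects to the listing of the parent category.
*/
function addCategory()
{
    // Name and description go into quoted SQL strings. They rely on the
    // addslashes() pass in config.php (or on magic quotes) for escaping.
    // NOTE(review): that is not charset-aware; prepared statements are the
    // dependable fix once the database layer is migrated.
    $name        = (isset($_POST['txtName']) && is_string($_POST['txtName'])) ? $_POST['txtName'] : '';
    $description = (isset($_POST['mtxDescription']) && is_string($_POST['mtxDescription'])) ? $_POST['mtxDescription'] : '';

    // The parent id is placed in the query without quotes, where backslash
    // escaping gives no protection at all, so force it to an integer.
    $parentId = (isset($_POST['hidParentId']) && is_scalar($_POST['hidParentId'])) ? (int) $_POST['hidParentId'] : 0;

    // The stored file name comes from the upload, not from $_POST/$_GET,
    // so config.php never escaped it. Escape it here.
    $catImage = uploadImage('fleImage', SRV_ROOT . CATEGORY_IMAGE_DIR);
    $catImage = mysql_real_escape_string($catImage);

    $sql = "INSERT INTO tbl_category (cat_parent_id, cat_name, cat_description, cat_image)
            VALUES ($parentId, '$name', '$description', '$catImage')";

    // dbQuery() stops the script itself when the statement fails
    dbQuery($sql);

    header('Location: index.php?catId=' . $parentId);
}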
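/*
    Upload an image and return the uploaded image name

    $inputName  name of the file field in $_FILES
    $uploadDir  destination directory, including the trailing slash

    Returns the stored file name, or '' when nothing was uploaded, the
    upload failed, or the file is not a GIF, JPEG or PNG image.
*/
function uploadImage($inputName, $uploadDir)
{
    $imagePath = '';

    if (!isset($_FILES[$inputName])) {
        return $imagePath;
    }
    $image = $_FILES[$inputName];

    // Accept a single received upload only (tmp_name is an array for
    // multi-file fields) and make sure PHP itself placed the file there.
    if (!isset($image['tmp_name']) || !is_string($image['tmp_name']) || trim($image['tmp_name']) == '') {
        return $imagePath;
    }
    if (!is_uploaded_file($image['tmp_name'])) {
        return $imagePath;
    }

    // Decide the type from the file content, never from the client-supplied
    // name. The original kept whatever extension the browser sent and
    // stored the file even when getimagesize() did not recognise it, so a
    // non-image could end up below the web root under its own extension.
    $size = getimagesize($image['tmp_name']);
    if ($size === false) {
        return $imagePath;
    }

    $allowedTypes = array(
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG  => 'png',
    );
    if (!isset($allowedTypes[$size[2]])) {
        return $imagePath;
    }
    $ext = $allowedTypes[$size[2]];

    // generate a random new file name to avoid name conflict
    $imagePath = md5(rand() * time()) . ".$ext";

    // NOTE(review): getimagesize() only reads the image header. The web
    // server should additionally be configured not to execute scripts from
    // the upload directory.
    if ($size[0] > MAX_CATEGORY_IMAGE_WIDTH) {
        // too wide: store a resized copy instead of the original
        $imagePath = createThumbnail($image['tmp_name'], $uploadDir . $imagePath, MAX_CATEGORY_IMAGE_WIDTH);
    } elseif (!move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath)) {
        // the move failed, report "no image"
        $imagePath = '';
    }

    return $imagePath;
}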
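/*
    Modify a category

    Reads catId from the query string and txtName / mtxDescription from
    $_POST. When a new image is uploaded, the old image file is removed and
    the new name stored; otherwise the image column is left as it was.
*/
function modifyCategory()
{
    $catId = (isset($_GET['catId']) && is_scalar($_GET['catId'])) ? (int) $_GET['catId'] : 0;
    if ($catId <= 0) {
        // nothing to modify; do not store an upload for a missing category
        header('Location: index.php');
        return;
    }

    // Quoted string values: escaped by the addslashes() pass in config.php
    // (or by magic quotes). NOTE(review): not charset-aware; prefer
    // prepared statements once the database layer is migrated.
    $name        = (isset($_POST['txtName']) && is_string($_POST['txtName'])) ? $_POST['txtName'] : '';
    $description = (isset($_POST['mtxDescription']) && is_string($_POST['mtxDescription'])) ? $_POST['mtxDescription'] : '';

    $catImage = uploadImage('fleImage', SRV_ROOT . CATEGORY_IMAGE_DIR);

    // if uploading a new image
    // remove old image
    if ($catImage != '') {
        _deleteImage($catId);
        // the file name never went through config.php's escaping
        $catImage = "'" . mysql_real_escape_string($catImage) . "'";
    } else {
        // leave the category image as it was (column assigned to itself)
        $catImage = 'cat_image';
    }

    $sql = "UPDATE tbl_category
            SET cat_name = '$name', cat_description = '$description', cat_image = $catImage
            WHERE cat_id = $catId";

    // dbQuery() stops the script itself when the statement fails
    dbQuery($sql);

    header('Location: index.php');
}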
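/*
    Remove a category

    Deletes the category given by catId in the query string together with
    all of its descendant categories, the products in them, and the image
    files that belong to those products and categories.
*/
function deleteCategory()
{
    $catId = (isset($_GET['catId']) && is_scalar($_GET['catId'])) ? (int) $_GET['catId'] : 0;
    if ($catId <= 0) {
        header('Location: index.php');
        // header() does not stop the script. Without this return the code
        // below ran with an undefined $catId.
        return;
    }

    // this category plus all its children, as integers only, because the
    // list is interpolated into the queries below
    $categories = array_map('intval', array_merge(getChildren($catId), array($catId)));
    $idList     = implode(',', $categories);

    // remove all product image & thumbnail
    // if the product's category is in $categories
    $sql = "SELECT pd_id, pd_image, pd_thumbnail
            FROM tbl_product
            WHERE cat_id IN ($idList)";
    $result = dbQuery($sql);

    while ($row = dbFetchAssoc($result)) {
        foreach (array($row['pd_image'], $row['pd_thumbnail']) as $fileName) {
            // an empty name would make the path point at the directory
            if ($fileName != '') {
                @unlink(SRV_ROOT . PRODUCT_IMAGE_DIR . $fileName);
            }
        }
    }

    // delete the products
    dbQuery("DELETE FROM tbl_product
            WHERE cat_id IN ($idList)");

    // then remove the categories image
    _deleteImage($categories);

    // finally remove the category from database
    dbQuery("DELETE FROM tbl_category
            WHERE cat_id IN ($idList)");

    header('Location: index.php');
}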
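/*
    Recursively find all children of $catId

    Returns a flat array of the ids of every descendant category (children,
    grandchildren, ...), or an empty array when there are none.
*/
function getChildren($catId)
{
    // the id is interpolated without quotes, so it must be an integer
    $catId = (int) $catId;

    $sql = "SELECT cat_id ".
           "FROM tbl_category ".
           "WHERE cat_parent_id = $catId ";
    $result = dbQuery($sql);

    $cat = array();
    while ($row = dbFetchRow($result)) {
        $childId = (int) $row[0];
        $cat[]   = $childId;

        // call this function again to find the children
        // NOTE(review): rows whose parent ids form a loop would recurse
        // without end. Nothing in this file prevents such data.
        $cat = array_merge($cat, getChildren($childId));
    }

    return $cat;
}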
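/*
    Remove a category image

    Deletes the image file of the category given by catId in the query
    string, clears the image name in the database and returns to the
    modify view of that category.
*/
function deleteImage()
{
    $catId = (isset($_GET['catId']) && is_scalar($_GET['catId'])) ? (int) $_GET['catId'] : 0;
    if ($catId <= 0) {
        header('Location: index.php');
        // header() does not stop the script. Without this return the code
        // below ran with an undefined $catId.
        return;
    }

    _deleteImage($catId);

    // update the image name in the database
    $sql = "UPDATE tbl_category
            SET cat_image = ''
            WHERE cat_id = $catId";
    dbQuery($sql);

    header("Location: index.php?view=modify&catId=$catId");
}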
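/*
    Delete a category image where category = $catId

    $catId  a single category id, or an array of ids

    Returns the result of the last unlink() attempted, or false when no
    file was processed.
*/
function _deleteImage($catId)
{
    // we will return the status
    // whether the image deleted successfully
    $deleted = false;

    // ids are interpolated without quotes, so reduce them to integers
    if (is_array($catId)) {
        $ids = array_map('intval', $catId);
        if (count($ids) == 0) {
            // "IN ()" is not valid SQL; nothing to delete
            return $deleted;
        }
        $where = ' IN (' . implode(',', $ids) . ')';
    } else {
        $where = ' = ' . (int) $catId;
    }

    // get the image(s)
    $sql = "SELECT cat_image
            FROM tbl_category
            WHERE cat_id " . $where;
    $result = dbQuery($sql);

    while ($row = dbFetchAssoc($result)) {
        // a category without an image: the path would be the directory
        if ($row['cat_image'] == '') {
            continue;
        }

        // delete the image file
        $deleted = @unlink(SRV_ROOT . CATEGORY_IMAGE_DIR . $row['cat_image']);
    }

    return $deleted;
}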
?>
<?php
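// This file is a layout fragment. It expects WEB_ROOT, $pageTitle, $script
// and $content from the page that includes it. With the guard commented
// out, a direct request ran it with none of them set, so the guard is
// restored.
if (!defined('WEB_ROOT')) {
    exit;
}

$self = WEB_ROOT . 'admin/index.php';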
?>
<html>
<head>
<title><?php echo $pageTitle; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="<?php echo WEB_ROOT;?>admin/include/admin.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/javascript" src="<?php echo WEB_ROOT;?>library/common.js"></script>
<?php
// Emit one script tag for every non-empty entry of $script, which the
// including page sets. Each file is served from admin/library/ below
// WEB_ROOT.
$n = count($script);
$i = 0;
while ($i < $n) {
    if ($script[$i] != '') {
        echo '<script language="JavaScript" type="text/javascript" src="'
            . WEB_ROOT . 'admin/library/' . $script[$i]
            . '"></script>';
    }
    $i++;
}
?>
</head>
<body>
<table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
<tr>
<td colspan="2"><img src="<?php echo WEB_ROOT; ?>admin/include/banner-top.gif" width="750" height="75"></td>
</tr>
<tr>
<td width="150" valign="top" class="navArea"><p> </p>
<a href="<?php echo WEB_ROOT; ?>admin/" class="leftnav">Home</a>
<a href="<?php echo WEB_ROOT; ?>admin/category/" class="leftnav">Category</a>
<a href="<?php echo WEB_ROOT; ?>admin/product/" class="leftnav">Product</a>
<a href="<?php echo WEB_ROOT; ?>admin/order/?status=Paid" class="leftnav">Order</a>
<a href="<?php echo WEB_ROOT; ?>admin/config/" class="leftnav">Shop Config</a>
<a href="<?php echo WEB_ROOT; ?>admin/user/" class="leftnav">User</a>
<a href="<?php echo $self; ?>?logout" class="leftnav">Logout</a>
<p> </p>
<p> </p>
<p> </p>
<p> </p></td>
<td width="600" valign="top" class="contentArea"><table width="100%" border="0" cellspacing="0" cellpadding="20">
<tr>
<td>
<?php
// Render the page body. $content is a file name chosen by the including
// page: the pages shown alongside this template assign it from fixed
// literals ('main.php', 'list.php', 'add.php', 'modify.php').
// NOTE(review): this is a dynamic include. It stays safe only while every
// caller picks from a fixed list and never copies request data into
// $content. Callers not shown here should be checked.
require_once $content;
?>
</td>
</tr>
</table></td>
</tr>
</table>
<p> </p>
<p align="center">Copyright © 2005 - <?php echo date('Y'); ?> <a href="http://www.phpwebcommerce.com"> http://www.phpwebcommerce.com</a></p>
</body>
</html>mustahid ara