-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathaddNewItem.php
More file actions
64 lines (49 loc) · 1.71 KB
/
addNewItem.php
File metadata and controls
64 lines (49 loc) · 1.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php
$success = '';
$error = '';
if (isset($_POST['submit'])) {
// Define $username and $password
$description = $_POST['description'];
$quantity = $_POST['quantity'];
$price = $_POST['price'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$conn= mysqli_connect("localhost", "root", "", "compsys");
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
// To protect MySQL injection for Security purpose
$description = stripslashes($description);
$quantity = stripslashes($quantity);
$price = stripslashes($price);
$description = mysqli_real_escape_string($conn, $description);
$quantity = mysqli_real_escape_string($conn, $quantity);
$price = mysqli_real_escape_string($conn, $price);
if ( is_numeric($price) ) {
$query = "SELECT * FROM stock WHERE description = '$description'";
$valid = mysqli_query($conn, $query);
if (!$valid) {
$error = "Could not connect to the database!";
}
if (mysqli_num_rows($valid) == 0 ) {
$sql = "INSERT INTO stock (description, quantity, price)
VALUES ('$description', '$quantity', '$price');";
$res = mysqli_query($conn, $sql);
if (!$res) {
$error = "Error adding....";
}
if (mysqli_affected_rows($conn) == 1) {
$success = "New item has been added successfully to the inventory. Redirecting.....";
header("refresh:5; url=inventory.php");
} else {
$error = ("Could not add due to system error!");
}
} else {
$error = "The item already exist in the system.";
}
} else {
$error = "Price should be numeric!";
}
mysqli_close($conn);
}
?>