Загрузка данных
<?php
require "../Connect-db.php";
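// ---- Access control: only a user whose `role` is 'admin' may use this page ----
//
// NOTE(review): the caller is identified solely by the `saveLogin` cookie, whose
// value is matched against user_email / user_name. A cookie value is chosen by
// the client, so it does not prove who is asking. Identity should come from
// server-side session state created after password verification; that change
// has to be made together with login.php, which is not part of this file.
$cookieLogin = isset($_COOKIE['saveLogin']) ? $_COOKIE['saveLogin'] : null;

// A missing cookie, or one sent in array form (saveLogin[]=...), is treated as "not logged in".
if (!is_string($cookieLogin)) {
    header("Location: ../login.php");
    exit;
}

// Look the account up with a prepared statement so the cookie value is always
// passed as data and never becomes part of the SQL text.
// (mysqli_stmt_get_result() requires the mysqlnd driver.)
$user = null;
$stmtUser = mysqli_prepare(
    $conn,
    'SELECT * FROM users WHERE user_email = ? OR user_name = ?'
);
if ($stmtUser !== false) {
    mysqli_stmt_bind_param($stmtUser, 'ss', $cookieLogin, $cookieLogin);
    if (mysqli_stmt_execute($stmtUser)) {
        $resultUser = mysqli_stmt_get_result($stmtUser);
        if ($resultUser !== false) {
            $user = mysqli_fetch_assoc($resultUser);
        }
    }
    mysqli_stmt_close($stmtUser);
}

// Fail closed: a failed query, an unknown login and a non-admin role all end here.
// The comparison is strict so that a non-string role value can never loosely equal 'admin'.
if (!is_array($user) || !isset($user['role']) || $user['role'] !== 'admin') {
    echo "<script>\nalert('Доступ запрещён');\nlocation.href='../profile.php';\n</script>";
    exit;
}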
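// ---- Load the product that is being edited ----
$rawId = isset($_GET['id']) ? $_GET['id'] : '';

// Require a plain, non-empty string. An array-valued `id` parameter would
// otherwise pass the emptiness check and be cast to 1 by (int), silently
// selecting product 1.
if (!is_string($rawId) || $rawId === '') {
    header("Location: admin.php?page=products");
    exit;
}

// From here on $id is an integer; that cast is the only reason it may be
// formatted into SQL text below.
$id = (int) $rawId;

$product = null;
$queryProduct = mysqli_query(
    $conn,
    sprintf('SELECT * FROM products WHERE id_item = %d', $id)
);
// mysqli_query() returns false on failure; do not hand that to mysqli_fetch_assoc().
if ($queryProduct !== false) {
    $product = mysqli_fetch_assoc($queryProduct);
}

// Unknown id or failed lookup: send the admin back to the product list.
if (!is_array($product)) {
    echo "<script>\nalert('Товар не найден');\nlocation.href='admin.php?page=products';\n</script>";
    exit;
}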
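// ---- Handle the "save" submission of the edit form ----
//
// NOTE(review): this state-changing POST is accepted without an anti-CSRF token.
// A per-session token should be emitted as a hidden field in the form and
// compared here (with hash_equals) before anything is written.
if (isset($_POST['editProduct'])) {
    // The values are bound as statement parameters below, so no SQL escaping is applied here.
    $name = (isset($_POST['name_item']) && is_string($_POST['name_item']))
        ? trim($_POST['name_item'])
        : '';
    $price = (isset($_POST['price_item']) && is_string($_POST['price_item']))
        ? trim($_POST['price_item'])
        : '';
    // NOTE(review): the price is stored exactly as typed; whether it must be numeric
    // depends on the price_item column definition, which is not visible here.

    $oldImage = (string) $product['img_item'];
    $newImage = $oldImage;
    $uploadedPath = null; // set only when a new image was stored on disk

    if ($name === '' || $price === '') {
        echo "<script>alert('Заполните название и цену');</script>";
    } else {
        if (isset($_FILES['img_item']) && $_FILES['img_item']['error'] === UPLOAD_ERR_OK) {
            $fileName = (string) $_FILES['img_item']['name'];
            $tmpName = $_FILES['img_item']['tmp_name'];
            $fileExt = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));

            // Extension allow-list (the `accept` attribute in the form is only a browser hint).
            // NOTE(review): SVG is XML and can carry script. It is inert when shown through
            // <img>, but not when the stored file is opened directly from ../image/.
            // Either drop 'svg' here, sanitize the file, or serve the upload directory
            // with a restrictive Content-Security-Policy.
            $allowedExt = ['jpg', 'jpeg', 'png', 'webp', 'svg'];
            $rasterMime = ['image/jpeg', 'image/png', 'image/webp'];

            // The extension comes from the client, so for raster types also require that the
            // content is recognised as an image. This is a header check (defence in depth),
            // not proof that the file is harmless.
            $contentOk = true;
            if ($fileExt !== 'svg') {
                $imageInfo = getimagesize($tmpName);
                $contentOk = is_array($imageInfo) && in_array($imageInfo['mime'], $rasterMime, true);
            }

            if (!in_array($fileExt, $allowedExt, true)) {
                echo "<script>alert('Разрешены только jpg, jpeg, png, webp, svg');</script>";
            } elseif (!$contentOk) {
                echo "<script>alert('Файл не является изображением');</script>";
            } else {
                // Build the stored name from a sanitized base name plus the validated extension.
                // Dots are not kept in the base name, so the stored file always has exactly one
                // extension and it is one from the allow-list.
                $baseName = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($fileName, PATHINFO_FILENAME));
                $newFileName = time() . "_" . $baseName . "." . $fileExt;
                $uploadPath = "../image/" . $newFileName;

                if (move_uploaded_file($tmpName, $uploadPath)) {
                    $newImage = $newFileName;
                    $uploadedPath = $uploadPath;
                } else {
                    echo "<script>alert('Ошибка при загрузке изображения');</script>";
                }
            }
        }

        // Parameterized UPDATE: name, price and image name travel as data, $id as an integer.
        $update = false;
        $updateError = '';
        $stmtUpdate = mysqli_prepare(
            $conn,
            'UPDATE products SET name_item = ?, price_item = ?, img_item = ? WHERE id_item = ?'
        );
        if ($stmtUpdate !== false) {
            mysqli_stmt_bind_param($stmtUpdate, 'sssi', $name, $price, $newImage, $id);
            $update = mysqli_stmt_execute($stmtUpdate);
            if (!$update) {
                $updateError = mysqli_stmt_error($stmtUpdate);
            }
            mysqli_stmt_close($stmtUpdate);
        } else {
            $updateError = mysqli_error($conn);
        }

        if ($update) {
            // Remove the replaced image only after the row points at the new one, so a failed
            // UPDATE never leaves the product referencing a deleted file. Names containing a
            // path component are skipped, so nothing outside ../image/ can be unlinked.
            if ($uploadedPath !== null && $oldImage !== '' && basename($oldImage) === $oldImage) {
                $oldImagePath = "../image/" . $oldImage;
                if (is_file($oldImagePath)) {
                    unlink($oldImagePath);
                }
            }
            echo "<script>\nalert('Товар успешно обновлён');\nlocation.href='admin.php?page=products';\n</script>";
            exit;
        } else {
            // Do not keep a file that no product row references.
            if ($uploadedPath !== null && is_file($uploadedPath)) {
                unlink($uploadedPath);
            }
            // Driver error text can reveal schema details: log it, show only a generic message.
            error_log('Product update failed: ' . $updateError);
            echo "Ошибка обновления";
        }
    }
}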
?>
<!DOCTYPE html>
<html lang="ru">
<head>
<meta charset="UTF-8">
<title>Редактировать товар</title>
<link rel="stylesheet" href="../styles/admin.css">
</head>
<body>
<div class="admin-form-page">
<div class="admin-form-box">
<h1>Редактировать товар</h1>
<?php
// Edit form. There is no `action`, so it posts back to this same URL; the
// multipart encoding is what allows the optional image file to be sent.
// Every value taken from $product is passed through htmlspecialchars() before
// it is placed in an attribute or in text.
// NOTE(review): the form carries no anti-CSRF token field.
?>
<form method="POST" enctype="multipart/form-data">
    <div class="admin-form-group">
        <label>Название товара</label>
        <input type="text" name="name_item" value="<?= htmlspecialchars($product['name_item']) ?>">
    </div>
    <div class="admin-form-group">
        <label>Цена</label>
        <input type="text" name="price_item" value="<?= htmlspecialchars($product['price_item']) ?>">
    </div>
    <div class="admin-form-group">
        <label>Текущая картинка</label>
        <div class="admin-current-image">
            <img src="../image/<?= htmlspecialchars($product['img_item']) ?>" alt="">
            <p><?= htmlspecialchars($product['img_item']) ?></p>
        </div>
    </div>
    <div class="admin-form-group">
        <label>Новая картинка</label>
        <?php // `accept` only filters the browser's file picker; the POST handler decides what is stored. ?>
        <label for="img_item" class="admin-upload-box">
            <span>Перетащите изображение сюда или нажмите для выбора</span>
            <input type="file" name="img_item" id="img_item" accept=".jpg,.jpeg,.png,.webp,.svg">
        </label>
        <div class="admin-file-name" id="fileName">Файл не выбран</div>
    </div>
    <div class="admin-form-buttons">
        <button type="submit" name="editProduct">Сохранить</button>
        <a href="admin.php?page=products">Назад</a>
    </div>
</form>
</div>
</div>
<script>
// Elements of the image upload widget.
const fileInput = document.getElementById('img_item');
const fileName = document.getElementById('fileName');
const uploadBox = document.querySelector('.admin-upload-box');

// Show the chosen file's name under the drop zone. The name is written through
// textContent, so it is rendered as plain text and never parsed as markup.
fileInput.addEventListener('change', () => {
    fileName.textContent = fileInput.files.length > 0
        ? fileInput.files[0].name
        : 'Файл не выбран';
});

// Highlight the drop zone while a drag is over it. preventDefault() on
// `dragover` is what marks the element as a valid drop target.
uploadBox.addEventListener('dragover', (event) => {
    event.preventDefault();
    uploadBox.classList.add('dragover');
});

uploadBox.addEventListener('dragleave', () => {
    uploadBox.classList.remove('dragover');
});

// On drop, hand the dropped files to the hidden <input type="file"> so that
// they are submitted with the form like a normal selection.
uploadBox.addEventListener('drop', (event) => {
    event.preventDefault();
    uploadBox.classList.remove('dragover');

    const dropped = event.dataTransfer.files;
    if (dropped.length === 0) {
        return;
    }
    fileInput.files = dropped;
    fileName.textContent = dropped[0].name;
});
</script>
</body>
</html>
/* Current image preview: thumbnail and file name laid out in one row. */
.admin-current-image {
    display: flex;
    align-items: center;
    gap: 14px;
    padding: 14px;
    border: 1px solid #e1e1e1;
    background: #f5f5f5;
}

/* Fixed 90x90 thumbnail; `contain` keeps the image's aspect ratio. */
.admin-current-image img {
    width: 90px;
    height: 90px;
    background: white;
    object-fit: contain;
}

.admin-current-image p {
    color: #555;
    font-size: 13px;
}

/* Drop zone: a <label> wrapping the file input, with its content centered. */
.admin-upload-box {
    display: flex;
    justify-content: center;
    align-items: center;
    width: 100%;
    min-height: 140px;
    padding: 20px;
    border: 2px dashed #cfcfcf;
    background: #fafafa;
    text-align: center;
    cursor: pointer;
    transition: 0.2s;
}

.admin-upload-box span {
    color: #666;
    font-size: 14px;
    line-height: 1.5;
}

/* The native file input is hidden; the surrounding label is the visible control. */
.admin-upload-box input {
    display: none;
}

/* Applied by the page script while a file is dragged over the drop zone. */
.admin-upload-box.dragover {
    border-color: #111;
    background: #f0f0f0;
}

/* Line under the drop zone that shows the selected file's name. */
.admin-file-name {
    margin-top: 10px;
    color: #444;
    font-size: 14px;
}