php_billing/119/edit-product-cost.php

<?php
if(isset($_POST['id'])) {
    try {
        $pdo = new PDO("mysql:host=".MYSQL_HOST.";dbname=".MYSQL_DB, MYSQL_USER, MYSQL_PASS);
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        
        $sql = "UPDATE `".SHOP_ID."_product` SET `name`=?, `hsn`=?, `mrp`=?, `price`=?, `stock`=?, `user`=?, `cost`=? WHERE `id`=?";
        $stmt = $pdo->prepare($sql);
        $stmt->execute([$_POST['pname'], $_POST['hsn'], $_POST['mrp'], $_POST['price'], $_POST['stock'], $_SESSION["id"], $_POST["cost"], $_POST["id"]]);
        
        echo "Record updated successfully, go to stock to verify.";
        // echo '<script>window.location.href="/119/view-product"</script>';
    } catch(PDOException $e) {
        echo "Error updating record: " . $e->getMessage();
    }
}
// $sql = "UPDATE users SET name=?, surname=?, sex=? WHERE id=?";
// $pdo->prepare($sql)->execute([$name, $surname, $sex, $id]);


//     if(isset($_POST['id'])){
//         $link = mysqli_connect(MYSQL_HOST,MYSQL_USER,MYSQL_PASS,MYSQL_DB);
//         $link->set_charset("utf8");
//         $query="UPDATE `".SHOP_ID."_product` SET `name`='".$_POST['pname']."', `hsn`='".$_POST['hsn']."', `mrp`='".$_POST['mrp']."' , `price`='".$_POST['price']."' , `stock`='".$_POST['stock']."'  , `user`='".$_SESSION["id"]."', `cost`='".$_POST["cost"]."' WHERE `id`='".$_POST["id"]."'";
        
//     if (mysqli_query($link, $query)) {
        
//     echo "Record updated successfully, go to stock to verify.";
//     } else {
//     echo "Error updating record: " . mysqli_error($link);
//     }
//             // $stmt = $link->prepare($query);
//             // if($stmt){
//             // $stmt->bind_param("ssssss",$_POST['mrp'],$_POST['price'],$_POST['stock'],$_POST['cat'], $_SESSION["id"],$_POST['id'] );
//             // //if(!$stmt->execute()) echo '<div class="alert alert-danger">' . mysqli_error($link) . '</div>';
//             // if(!$stmt->execute()) echo '<div class="alert alert-danger">' . mysqli_error($link) . '</div>';
//             // else {
//             //     echo '<div class="alert alert-success">Product: '.$_POST['name'].' Edited </div> <br> ';
//             // }
//             // }
//             // else echo mysqli_error($link);
//             // $link->close();
//         }
                        
    ?>
<?php 
if(isset($_GET['code'])){
        // if(isset($url[1])) { $lnk=$url[2]; $lnk2 = explode('?', $lnk); }
        $code = explode('-', $_GET['code']);
        // echo $code[1];
        $link = new mysqli(MYSQL_HOST,MYSQL_USER,MYSQL_PASS,MYSQL_DB);
        $query="SELECT * FROM `".SHOP_ID."_product` WHERE `id`='".$code[0]."'";
        $result= mysqli_query($link, $query);
        if(mysqli_num_rows($result)<1){
            echo ' <br />
            <h2> Err: no Product Found </h2>
            ';
        }
        else {
        $row= mysqli_fetch_assoc($result);
        // echo $row['name'];
        echo '
        <div>
    	<form method="POST"><br>
        <input type="hidden"  name="id" value="'.$row['id'].'" />
        <label for="product pame">Product Name:
            <input type="text" id="pname"  name="pname" value="'.$row['name'].'" /><br>
        </label><br>

        <label for="product hsn">HSN:
            <input type="text" id="hsn"  name="hsn" value="'.$row['hsn'].'" /><br>
        </label><br>
        <label for="product pame">MRP:
            <input type="number" id="mrp" name="mrp" value="'.$row['mrp'].'" onchange="calDiscount()" /><br>
        </label><br>

        <label for="product pame">Discount Amount:
            <input type="number" id="discount" name="discount" onchange="calDiscount()"/><br>
        </label><br>
        <label for="product pame">*Price:
            <input type="number" id="price" name="price" value="'.$row['price'].'" /><br>
        </label><br>';
            if(isset($_SESSION['email']) && $_SESSION['email']=='mousumi@fashionavenueonline.com'){
                echo '<label for="product cost">*Cost:
                            <input type="number" id="cost" name="cost" value="'.$row['cost'].'" /><br>
                        </label><br>';
            }
        
            echo '
        <label for="quantity">*Quantity:
            <input type="number" id="stock" name="stock"  value="'.$row['stock'].'" /><br>
        </label><br>
 
        
        <br>
        <br>
        <input type="submit" value="Save">
   	 	</form> 
		</div>
        ';
        }
    }
?>

<script>
        function calDiscount(){
            var mrp = parseInt(document.getElementById("mrp").value);
            var dp = parseInt(document.getElementById("discount").value);
            var discount=parseInt(mrp - dp);
            var price=parseInt(mrp-discount);
            // document.getElementById("discount").value=discount;
            document.getElementById("price").value=discount;
        //document.getElementById("demo").innerHTML = "You selected: " + x;
        }
        window.onload = function(){
            let mrpPrice = document.getElementById('mrp').value;
            let sellPrice = document.getElementById('price').value;
            var discountPrice = parseInt(mrpPrice - sellPrice);
            document.getElementById("discount").value=discountPrice;


        }
// function calDiscount(){
// 	var mrp = parseInt(document.getElementById("mrp").value);
// 	var dp = parseInt(document.getElementById("dp").value);
// 	var discount=parseInt(dp/100*mrp);
// 	var price=parseInt(mrp-discount);
// 	document.getElementById("discount").value=discount;
// 	document.getElementById("price").value=price;
//   //document.getElementById("demo").innerHTML = "You selected: " + x;
// }
</script>