Editing: deleteproduct.php
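<?php
/**
 * deleteproduct.php - delete a product (a row of the "cards" table) by its delete token.
 *
 * Request flow:
 *   GET  ?token=...              pre-filled form that re-submits the token by POST
 *   GET  (no token)              empty form asking for the token
 *   POST token                   show the product and a confirmation button
 *   POST token + confirm_delete  delete the row, then its image files
 *
 * The delete token is the only authorisation check in this script: whoever
 * holds it can delete the product. It is therefore handled as a secret
 * (never echoed unescaped, kept out of Referer headers).
 */

// Report everything to the server log, never to the browser: displayed errors
// disclose file paths, SQL text and connection details to any visitor.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// The token can sit in the query string (GET ?token=..., and the POST forms
// below have no action, so they post back to the same URL). Stop the browser
// from sending that URL as a Referer when it loads images or follows links.
header('Referrer-Policy: no-referrer');

// Connection settings are read from the environment. The variable names are
// chosen by this rewrite (constructed; adapt them to the deployment).
// The password has no fallback on purpose: it must not live in a file that can
// be opened through a web file manager, and the value that used to be
// hard-coded here should be rotated.
$host     = getenv('DB_HOST') ?: '127.0.0.1:3306';
$username = getenv('DB_USER') ?: 'u404542307_dacotywebsites';
$database = getenv('DB_NAME') ?: 'u404542307_eizon';
$password = getenv('DB_PASSWORD');

if ($password === false || $password === '') {
    error_log('deleteproduct.php: DB_PASSWORD is not set');
    http_response_code(500);
    die("Database connection failed.");
}

try {
    // Establish database connection
    $pdo = new PDO("mysql:host=$host;dbname=$database", $username, $password);
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // The driver message can contain host, user and database names: log it,
    // and show the visitor a generic message only.
    error_log('deleteproduct.php: ' . $e->getMessage());
    http_response_code(500);
    die("Database connection failed.");
}

// HTML-escape a value for element content and for attributes in either quote
// style. The flags are explicit because the default before PHP 8.1 leaves
// single quotes alone, and the <img src='...'> attributes below use them.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // User has submitted a delete token to delete product.
    // A missing, empty or non-string (token[]=...) value is treated as invalid.
    $delete_token = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';

    // Validate if the token exists. An empty token is never looked up, so it
    // cannot match rows whose delete_token column happens to be empty.
    $product = false;
    if ($delete_token !== '') {
        $stmt = $pdo->prepare("SELECT * FROM cards WHERE delete_token = :delete_token");
        $stmt->execute(['delete_token' => $delete_token]);
        $product = $stmt->fetch(PDO::FETCH_ASSOC);
    }

    if ($product) {
        // If the product is found, delete after confirmation
        if (isset($_POST['confirm_delete']) && $_POST['confirm_delete'] === 'Yes, delete this product') {
            // Delete the product
            $stmt = $pdo->prepare("DELETE FROM cards WHERE delete_token = :delete_token");
            $stmt->execute(['delete_token' => $delete_token]);

            // Delete the product images. The paths come from the database, so
            // each one is resolved and must be a regular file inside this
            // script's directory tree before it is removed; a stored value
            // such as "../config.php" or an absolute path is skipped.
            // NOTE(review): narrow $baseDir to the real uploads directory once
            // it is confirmed; this file does not show where uploads live.
            $baseDir = realpath(__DIR__);
            foreach (['image1', 'image2', 'image3'] as $imageKey) {
                $stored = isset($product[$imageKey]) ? (string) $product[$imageKey] : '';
                if ($stored === '' || $baseDir === false) {
                    continue;
                }

                $resolved = realpath($stored);
                if ($resolved === false || !is_file($resolved)) {
                    continue; // already gone, or not a regular file
                }

                if (strpos($resolved, $baseDir . DIRECTORY_SEPARATOR) !== 0) {
                    error_log('deleteproduct.php: refused to delete file outside base directory: ' . $resolved);
                    continue;
                }

                unlink($resolved); // Deletes the file
            }

            // The header has to be sent before any body output, otherwise PHP
            // drops it ("headers already sent") and the redirect never happens.
            header("Refresh: 3; url=index.php"); // Redirect to homepage after 3 seconds
            echo "Product deleted successfully. Redirecting to the homepage...";
            exit;
        } else {
            // Show product details for confirmation
            echo "<h2>Are you sure you want to delete this product?</h2>";
            echo "<p><strong>Name:</strong> " . $esc($product['name']) . "</p>";
            echo "<p><strong>Description:</strong> " . $esc($product['description']) . "</p>";
            echo "<p><strong>Price:</strong> " . $esc($product['price']) . "</p>";
            echo "<p><strong>Region:</strong> " . $esc($product['region']) . "</p>";
            echo "<p><strong>Category:</strong> " . $esc($product['category']) . "</p>";

            // Display images instead of contacts
            echo "<p><strong>Images:</strong><br>";
            echo "<img src='" . $esc($product['image1']) . "' alt='Product Image 1' width='100'><br>";
            echo "<br>";
            echo "<img src='" . $esc($product['image2']) . "' alt='Product Image 2' width='100'><br>";
            echo "<br>";
            echo "<img src='" . $esc($product['image3']) . "' alt='Product Image 3' width='100'></p>";

            // Display confirmation form
            echo '<form method="POST">
                <input type="hidden" name="token" value="' . $esc($delete_token) . '">
                <input type="submit" name="confirm_delete" value="Yes, delete this product">
            </form>';
            echo "<button><a href='index.php'>DECLINE</a></button>";
        }
    } else {
        echo "Invalid delete token. The product could not be found.";
    }
} else {
    // Handle fresh load of the page
    if (isset($_GET['token']) && is_string($_GET['token'])) {
        // Extract the token from the URL and auto-fill the input field.
        // An array value (?token[]=...) falls through to the manual form.
        $delete_token = $_GET['token'];
        echo "<h2>Click Submit To Proceed!</h2>";
        echo '<form method="POST">
            <input type="text" name="token" value="' . $esc($delete_token) . '" readonly>
            <input type="submit" value="Submit">
        </form>';
    } else {
        // Allow user to manually input their delete token if not in the URL
        echo "<h2>Enter your delete token to delete the product</h2>";
        echo '<form method="POST">
            <input type="text" name="token" placeholder="Paste your delete token here" required>
            <input type="submit" value="Submit">
        </form>';
    }
}
?>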