editpara.php

这个版本只是修正了一些BUG

<?php
/***********************************************
	editpara.php

	Version  : 1.2
	Author   : Tracemouse (tracemouse@msn.com)
	Copyright:
	Writed   : 2003/08/09
	Modified : 2004/04/12
************************************************/
require "./include/base.php";

if (!$productid) 	$productid=0;
else				$productid=intval($productid);

$sqlstr="select productname,paraid from $table_products where productid=$productid";
$query = $db->query($sqlstr);
if($dbq_rec = $db->fetch_array($query))
{
	if ($dbq_rec['paraid'] == 1)		showmessage(product_nopara);
  	else
    	{
    		$paraid=$dbq_rec['paraid'];
    		$productname=$dbq_rec['productname'];
    	}
}
else
{
	showmessage('db_notfound');
}

$nav.=SEPARATER."<a href='viewproduct.php?productid=$productid'>".$productname."</a>";
$nav.=SEPARATER.$language[editparameter];

if (!$editsubmit)           //未发送表单
{
	$sqlstr="SELECT paraname FROM $table_parameters WHERE paraid=$paraid";
    	if($query=$db->query($sqlstr))
		$paraname=$db->result($query,0);
	else
    		showmessage($language['db_err'].":<br>".$sqlstr);
    	$sqlstr="SELECT a.productid,a.paraid,a.varname,a.value,b.varhint,b.remarks
		 	FROM $table_paravals a ,$table_paravars b WHERE
		 	a.paraid=b.paraid AND a.varname=b.varname AND a.productid=$productid";
	$query=$db->query($sqlstr);
	$line='';
	$all_varname = $comma = ' ';
	while($dbq_rec = $db->fetch_array($query))
	{
 		$varname=$dbq_rec['varname'];
 		$all_varname .= $comma.'\''.$varname.'\'';
 		$comma=',';
 		$varhint=$dbq_rec['varhint'];
 		$remarks=$dbq_rec['remarks'];
 		$value=$dbq_rec['value'];
 		$line=$line."<tr><td bgcolor='".ALTBG1."' width=40%>".$varhint.":<br>".$remarks."</td>";
 		$line=$line."<td bgcolor='".ALTBG3."'><input type=text size=60 value='".$value."' name=".$varname."></td></tr>";
	}
	if ($all_varname == ' ') 	$all_varname='\' \'';

	$sqlstr="SELECT varname,varhint,remarks FROM $table_paravars WHERE paraid = $paraid AND varname NOT IN ($all_varname)";
	$query=$db->query($sqlstr);
	while($dbq_rec = $db->fetch_array($query))
	{
 		$varname=$dbq_rec['varname'];
 		$varhint=$dbq_rec['varhint'];
 		$remarks=$dbq_rec['remarks'];
 		$line=$line."<tr><td bgcolor='".ALTBG1."' width=40%>".$varhint.":<br>".$remarks."</td>";
 		$line=$line."<td bgcolor='".ALTBG1."'><input type=text size=60  name=".$varname."></td></tr>";
	}
}
elseif ($editsubmit)    //发送表单处理
{
	$paraid=intval($paraid);
	$sqlstr="SELECT paraid,varname FROM $table_paravars WHERE paraid = $paraid";
  	$query=$db->query($sqlstr);
  	while($dbq_rec = $db->fetch_array($query))
  	{
    		$varname=$dbq_rec['varname'];
    		$value=daddslashes($$varname);
   		$query_1 = $db->query("SELECT COUNT(*) FROM $table_paravals WHERE paraid =$paraid AND productid=$productid AND varname='$varname'");
    		$recnum = $db->result($query_1, 0);
    		if ($recnum == 0)
       			$sqlstr="INSERT INTO $table_paravals(productid,paraid,varname,value)  VALUES($productid,$paraid,'$varname','$value')";
    		else
    	 		$sqlstr="UPDATE $table_paravals SET value = '$value' WHERE productid=$productid AND paraid=$paraid AND varname='$varname'";
      		if(!($query_1=$db->query($sqlstr))) 		showmessage($language['db_err'].":<br>".$sqlstr);
   	}
    	showmessage('parameter editsuccess','viewproduct.php?productid='.$productid);
}

include template('editparameter');
?>