ruạṛ
<?php session_start(); require_once $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/universal.php'; $connID = connect_to_db(); $code_id = is_numeric_id($_POST['code_id']); $code = clean_plain_data($_POST['code']); $discount_type = clean_plain_data($_POST['discount_type']); $discount = is_decimal_data($_POST['discount']); $start_date = strtotime($_POST['start_date']); $finish_date = strtotime($_POST['finish_date']); //validate $message = ''; if($code == ''){ $message .= 'Please enter a code. <br />';} if(!$discount){ $message .= 'Please enter a discount. <br />';} if($discount_type != '%' && $discount_type != '$'){ $message .= 'Please select discount type. <br />'; } if($discount_type == '%' && $discount > 100) { $message .= 'Discount may not be > 100%. <br />'; } if($finish_date <= $start_date) { $message .= 'Finish date must be after start date. <br />'; } if($message != '') { getout($message); exit; } //insert if(!$update = mysql_query("update discount_codes set code = '$code' , discount_type = '$discount_type' , discount = '$discount' , start_date = '$start_date' , finish_date = '$finish_date' where code_id = '$code_id'")) { getout('There was an error updating the entry.'.mysql_error()); // exit; } $code_id = mysql_insert_id(); $message = 'Discount code updated successfully.'; /** * return to previous page */ getout($message,'../discounts.php'); exit; ?>
cải xoăn