
<?php
include "header.php";
if(isset($_POST['update'])) {
/**
 * Normalises one submitted form field before it is stored.
 *
 * Trims surrounding whitespace, strips backslash escaping and converts HTML
 * special characters to entities. This is HTML output encoding only: it is not
 * SQL escaping, so the result still has to reach the database through bound
 * parameters. Quote handling follows htmlspecialchars()'s default flags, which
 * encode single quotes by default only from PHP 8.1 onwards.
 *
 * @param string $data Raw field value.
 * @return string Trimmed, unslashed, entity-encoded value.
 */
function user_input( $data ) {
    return htmlspecialchars(stripslashes(trim($data)));
}
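// Apply the submitted edit to one `equipment` row, optionally replacing its picture.
// $link is not defined in this part of the file; presumably it is the mysqli
// connection opened by header.php -- TODO confirm.

// --- Submitted fields ---------------------------------------------------------
// $id and $category are taken raw from the request. They are safe to use only
// because every value below reaches MySQL as a bound parameter, never as SQL text.
$id = $_POST['id'];
$category = $_POST['categoryd']; // NOTE(review): key is 'categoryd', not 'category' -- confirm it matches the form field
$equipment_id = user_input($_POST["equipment_id"]);
$equipment_name = user_input($_POST["equipment_name"]);
$brand = user_input($_POST["brand"]);
$spec = user_input($_POST["spec"]);
$count_type = user_input($_POST["count_type"]);
$inventory = user_input($_POST["inventory"]);
$list_price = user_input($_POST["list_price"]);
$discount = user_input($_POST["discount"]);
$final_price = user_input($_POST["final_price"]);
$create_at = date('Y/m/d H:i:s');

// --- Optional picture upload --------------------------------------------------
$file_name = $_FILES["fileToUpload"]["name"];
$temp_file_name = $_FILES["fileToUpload"]["tmp_name"];
$file_size = $_FILES["fileToUpload"]["size"];
$file_error = $_FILES["fileToUpload"]["error"];
$target_dir = "equipment-uploads/";
// basename() drops any directory part of the client-supplied name, so the
// target cannot point outside $target_dir.
$target_file = strtolower($target_dir . basename($file_name));
$img_file_type = pathinfo($target_file, PATHINFO_EXTENSION);
$upload_ok = 1;
$picture_path = null; // null means "leave the stored picture unchanged"

// An empty file name means no file was chosen; the row is then updated without
// touching its picture.
if (strlen($target_file) > strlen($target_dir)) {
    if ($file_error !== UPLOAD_ERR_OK) {
        // PHP itself rejected or truncated the upload, so there is nothing valid to move.
        $upload_ok = 0;
    } elseif ($file_size > 500000) {
        // NOTE(review): the limit is 500000 bytes but the message says 5mb -- confirm which is intended.
        echo "<font color='#FF0000'>Please enter a file size between 5mb</font>";
        $upload_ok = 0;
    } elseif (!in_array($img_file_type, array("jpg", "png", "jpeg", "gif"), true)) {
        // Allow-list of extensions.
        $upload_ok = 0;
    } else {
        // The extension comes from the client, so also require the content to
        // parse as one of the allowed image formats.
        $image_info = getimagesize($temp_file_name);
        if ($image_info === false
            || !in_array($image_info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
            $upload_ok = 0;
        }
    }

    // NOTE(review): the stored name is still chosen by the client, so two uploads
    // with the same name overwrite each other. A server-generated name, and a
    // web-server rule that never executes files under equipment-uploads/, would
    // be the stronger design.
    if ($upload_ok === 1 && move_uploaded_file($temp_file_name, $target_file)) {
        $picture_path = $target_file;
    } else {
        $upload_ok = 0;
        echo "<font color='#FF0000'>File has not been uploaded</font>";
    }
}

// --- Database update ----------------------------------------------------------
// -1 means "no successful UPDATE ran". The result is read from the statement
// itself, so a stale count from an earlier query on $link can never be reported
// as success.
$affected = -1;
$db_error = '';
if ($upload_ok === 1) {
    // COALESCE(?, picture) keeps the current picture when $picture_path is NULL,
    // so one statement serves both the with-file and without-file case.
    $db_query = "UPDATE equipment SET category = ?, equipment_id = ?, equipment_name = ?, brand = ?, spec = ?, "
        . "count_type = ?, inventory = ?, list_price = ?, discount = ?, final_price = ?, "
        . "picture = COALESCE(?, picture), create_at = ? WHERE id = ?";
    $stmt = mysqli_prepare($link, $db_query);
    if ($stmt === false) {
        $db_error = mysqli_error($link);
    } else {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat("s", 13),
            $category,
            $equipment_id,
            $equipment_name,
            $brand,
            $spec,
            $count_type,
            $inventory,
            $list_price,
            $discount,
            $final_price,
            $picture_path,
            $create_at,
            $id
        );
        if (mysqli_stmt_execute($stmt)) {
            $affected = mysqli_stmt_affected_rows($stmt);
        } else {
            // Read the error now: it is no longer available once the connection is closed.
            $db_error = mysqli_stmt_error($stmt);
        }
        mysqli_stmt_close($stmt);
    }
}
mysqli_close($link);

// --- Report the outcome -------------------------------------------------------
if ($upload_ok === 1) {
    // NOTE(review): this redirect omits the query string used by the script
    // redirects below -- confirm which target is intended.
    if ($picture_path !== null && $affected >= 0 && !headers_sent()) {
        header("location: equipment-index.php");
    }
    // $token_link is not defined in this part of the file (presumably set by
    // header.php). It is written unescaped into a JavaScript string literal, so
    // it must never carry request-controlled text -- TODO confirm.
    if ($affected > 0) {
        echo "<script type ='text/JavaScript'>";
        echo "alert('update成功');";
        echo "location.href='equipment-index.php?function_name=equipment&".$token_link."';";
        echo "</script>";
    } elseif ($affected == 0) {
        echo "<script type ='text/JavaScript'>";
        echo "alert('無新增資料');";
        echo "location.href='equipment-index.php?function_name=equipment&".$token_link."';";
        echo "</script>";
    } else {
        // Keep the SQL text and driver message in the server log; the browser
        // only gets a generic failure notice.
        error_log("equipment update failed: " . $db_error);
        echo "語法執行失敗";
    }
}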
}
?>