Fryle Posted October 17, 2016 (edited)

I'm using Dreamweaver... I'm not an expert at this, but please, can someone help me out? This is my index:

```php
<html>
<head>
<link rel="stylesheet" type="text/css" href="site.css">
<style type="text/css">
body {
    background-color: #FF9933;
}
</style>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body>
<table width="100%" height="5%" border="1" align="center" cellspacing="0" bordercolor="#000000" bgcolor="#FFFFFF" cellspace = "10">
  <tr>
    <td width="268" bordercolor="#000000" bgcolor="#FFFFFF"><div align="center"><strong>E - COMMERCE SITE </strong></div></td>
    <td width="697" bordercolor="#000000" bgcolor="#FFFFFF"> </td>
    <td width="105" bordercolor="#000000" bgcolor="#FFFFFF"><div align="center"><a href="security.php" class="style2"><strong>S I G N - I N</strong></a></div></td>
  </tr>
</table>
<table width="50%" height="50%" align="center" border="0" cellpadding="20">
  <tr>
    <td height="150" bgcolor="#FFFFFF"></td>
  </tr>
</table>
<table width="80%" height="5%" border = "1" align="center" bgcolor="#FFFFFF">
  <tr>
    <td width="502" height="30" ><div align="center"><strong><a href="index.php" class="style2">M A R K E T</a></strong></div></td>
    <td width="482" height="30" bgcolor="#FFFFFF" ><div align="center"><strong><a href="cart.php" class="style2">O R D E R </a></strong></div></td>
  </tr>
</table>
<hr>
<div class="MarginTable">
  <p align="center"><strong>F E A T U R E D P R O D U C T ' s </strong></p>
  <table width="45%" border = "3" align="center" cellpadding="5" cellspacing="5" bgcolor="#FFFFFF">
    <tr>
      <td width="108"><div align="center" class="style3"><strong>Product Code</strong></div></td>
      <td width="108"><div align="center" class="style3"><strong>Thumbnail</strong></div></td>
      <td width="108"><div align="center" class="style3"><strong>Price</strong></div></td>
      <td width="108"><div align="center" class="style3"><strong>Product</strong></div></td>
    </tr>
<?php
require 'defaultproduct.php';
$sql = "SELECT * from product order by name asc";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
    while($row = mysqli_fetch_assoc($result)) {
?>
    <tr>
      <td height="64"> <div align="center"><strong><?php echo $row["code"];?></strong></div></td>
      <td> <div align="center"><strong><?php echo $row["name"];?> </strong></div> </td>
      <td> <div align="center"><strong><?php echo "Php ".$row["price"];?></strong></div></td>
      <td><div align="center"><strong><?php echo "Php ".$row["price"];?> </strong></div> </td>
    </tr>
<?php
    }
}
?>
  </table>
  <div align="center"></div>
</div>
</body>
</html>
```

Here is my database.

```sql
-- phpMyAdmin SQL Dump
-- version 3.2.0.1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Oct 08, 2016 at 09:58 AM
-- Server version: 5.1.36
-- PHP Version: 5.3.0

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;

--
-- Database: `activity`
--

-- --------------------------------------------------------

--
-- Table structure for table `product`
--

CREATE TABLE IF NOT EXISTS `product` (
  `id` int NOT NULL AUTO_INCREMENT,
  `name` varchar(255) NOT NULL,
  `code` varchar(255) NOT NULL,
  `image` text NOT NULL,
  `price` double(10,2) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `product_code` (`code`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;

--
-- Dumping data for table `product`
--

INSERT INTO `product` (`id`, `name`, `code`, `image`, `price`) VALUES
(1, 'sampleproduct', '001', '1.png', 100.00),
(2, 'productsample2', '002', '2.png', 200.00);

-- --------------------------------------------------------

--
-- Table structure for table `user`
--

CREATE TABLE IF NOT EXISTS `user` (
  `userid` int(2) unsigned zerofill NOT NULL AUTO_INCREMENT,
  `username` varchar(150) NOT NULL,
  `password` varchar(150) NOT NULL,
  PRIMARY KEY (`userid`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;

--
-- Dumping data for table `user`
--

INSERT INTO `user` (`userid`, `username`, `password`) VALUES
(01, 'admin', 'admin');
```

Here is the admin panel:

```php
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><style type="text/css">
<!--
body {
    background-color: #FF9933;
}
.style1 {font-weight: bold}
-->
</style></head>
<body>
<form name="Product" method="post">
<table width="1000" height="200" align="center" border="1" cellpadding="20">
  <tr>
    <td height="150" bgcolor="#FFFFFF"></td>
  </tr>
</table>
<table width="1000" height="40" border = "1" align="center" bgcolor="#FFFFFF">
  <tr>
    <td width="350" height="30" ><div align="center"> <input type="submit" name="new" value="N E W"> </div> </td>
    <td width="350" height="30" ><div align="center"> <input type="submit" name="update" value="U P D A T E"> </div> </td>
    <td width="350" height="30" ><div align="center"><strong> <input type="submit" name="delete" value="D E L E T E"> </strong></div> </td>
    <td width="350" height="30" ><div align="center"><strong><a href="registeruser.php"> U S E R </a></strong></div></td>
    <td width="350" height="30" ><div align="center"><a href="index.php"><strong> M A R K E T </strong></a></div></td>
  </tr>
</table>
<p> </p>
<table width="55%" height="47%" border = "1" align="center" cellpadding="5" cellspacing="5" bgcolor="#FFFFFF">
  <tr>
    <td width="34%">
      <p align="center" class="style1"> P R O D U C T </p>
      <p align="center"><strong>I N F O R M A T I O N </strong></p></td>
    <td width="66%" height="240">
      <div align="center">
        <p><strong>Product Code :</strong> <input type="text" name="productcode"> <br> <br> <br>
        <strong>Product Name:</strong> <input type="text" name="productname"> <br> <br> <br>
        <strong>Price :</strong> <input type="text" name="price"> <br> <br> <br> </p>
        <input type="submit" name="add" value="ADD">
      </div>
      <p align="center">
<?php
if (isset($_POST['add'])) {
    if($_POST["productcode"] == null || $_POST["productname"] == null || $_POST["price"] == null) {
        echo 'ERROR , Product information required!';
    } else {
        require 'defaultproduct.php';
        $sql = "INSERT INTO product (code,name,price) VALUES ('".$_POST["productcode"]."' , '".$_POST["productname"]."' , '".$_POST["price"]."')";
        mysqli_query($conn,$sql);
        echo 'Product ADD !';
    }
}
?>
<?php
if (isset($_POST['delete'])) {
    header("Location:productdelete.php");
}
?>
<?php
if (isset($_POST['new'])) {
    header("Location:productadd.php");
}
?>
<?php
if (isset($_POST['update'])) {
    header ("Location:productupdate.php");
}
?>
      </p>
    </td>
  </tr>
</table>
</form>
</body>
</html>
```

I just want to ask how to upload my images upon making the product, so that they will appear in the index automatically according to the product itself, and make them clickable and showing the product detail... I hope you can help me..

Edited October 17, 2016 by Fryle

benanamen Posted October 17, 2016 (edited)

Storing passwords in plaintext is very bad. You need to use password_hash and password_verify. You never ever insert user supplied data directly to the database. You need to use prepared statements. Overall, it looks like you are using some rather old code.

Edited October 17, 2016 by benanamen
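
What the advice in the reply above looks like when applied to the `product` and `user` tables from the first post, as an added example that is not code from any poster in this thread: the product INSERT as a prepared statement, plus `password_hash`/`password_verify` for the `user` table. It assumes PHP 7 or later (`password_hash` needs PHP 5.5+, while the dump reports PHP 5.3.0) and that `$conn` is the mysqli connection created by `defaultproduct.php`; the function names are made up for illustration.

```php
<?php
// Added example, not code from the thread. Assumes $conn is the mysqli
// connection that defaultproduct.php creates; function names are illustrative.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // errors become exceptions

// Product INSERT with bound parameters instead of concatenated $_POST values.
function add_product(mysqli $conn, string $code, string $name, string $price): bool
{
    $code = trim($code);
    $name = trim($name);
    if ($code === '' || $name === '' || !is_numeric($price) || (float)$price < 0) {
        return false; // reject empty fields and non-numeric or negative prices
    }
    $price = (float)$price;
    try {
        // `image` is NOT NULL in the posted schema, so store an empty string for now.
        $stmt = $conn->prepare(
            "INSERT INTO product (code, name, image, price) VALUES (?, ?, '', ?)"
        );
        $stmt->bind_param('ssd', $code, $name, $price);
        return $stmt->execute();
    } catch (mysqli_sql_exception $e) {
        return false; // e.g. duplicate code rejected by UNIQUE KEY product_code
    }
}

// Store a hash, never the password itself. PASSWORD_DEFAULT is currently
// bcrypt (60 characters), which fits the varchar(150) password column.
function create_user(mysqli $conn, string $username, string $password): bool
{
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $conn->prepare('INSERT INTO `user` (username, password) VALUES (?, ?)');
    $stmt->bind_param('ss', $username, $hash);
    return $stmt->execute();
}

// Look the user up by name, then compare the submitted password to the hash.
function check_login(mysqli $conn, string $username, string $password): bool
{
    $stmt = $conn->prepare('SELECT password FROM `user` WHERE username = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->bind_result($hash);
    $found = $stmt->fetch(); // true if a row was fetched, null if none
    $stmt->close();
    return $found === true && password_verify($password, $hash);
}
```

The `admin` row from the dump holds the literal string `admin`, which `password_verify` will not accept, so that account has to be re-created through `create_user` before `check_login` can succeed for it.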

Fryle (Author) Posted October 17, 2016

It's just for my project in school, sir.. not a public website xD

Jacques1 Posted October 17, 2016

What kind of school is this? The code you've shown is plain wrong and shows a deep misunderstanding of programming basics. This isn't even amateur level. It's a collection of security vulnerabilities and terrible practices from the 90s (table layouts, style attributes etc.). So either you've spent all lessons in a coma, or your teacher needs to get fired.

In any case: If you actually want to learn how to program, throw your Dreamweaver away, go to the Mozilla Developer Network and let them teach you what HTML looks like in the 21st century.