edit

<?php
require 'db.php';

// Validasi dan sanitasi input ID dari URL
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
if ($id <= 0) {
    die("ID tidak valid.");
}

// Ambil data barang berdasarkan ID menggunakan prepared statement
$query = "SELECT * FROM items WHERE id = ?";
$stmt = mysqli_prepare($conn, $query);
mysqli_stmt_bind_param($stmt, "i", $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$item = mysqli_fetch_assoc($result);
mysqli_stmt_close($stmt);

if (!$item) {
    die("Barang tidak ditemukan.");
}

// Ambil data kategori
$categories_query = "SELECT * FROM categories";
$categories = mysqli_query($conn, $categories_query);

// Proses saat form disubmit
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Validasi input
    $name = trim($_POST['name']);
    $category_id = !empty($_POST['category_id']) ? (int)$_POST['category_id'] : null;
    $quantity = isset($_POST['quantity']) ? (int)$_POST['quantity'] : 0;
    $price = isset($_POST['price']) ? (float)$_POST['price'] : 0.0;

    // Validasi data yang wajib diisi
    if (empty($name)) {
        die("Nama barang tidak boleh kosong.");
    }

    if ($quantity <= 0) {
        die("Jumlah harus lebih besar dari 0.");
    }

    if ($price <= 0) {
        die("Harga harus lebih besar dari 0.");
    }

    // Update data barang menggunakan prepared statement
    $update_query = "UPDATE items SET name = ?, category_id = ?, quantity = ?, price = ? WHERE id = ?";
    $update_stmt = mysqli_prepare($conn, $update_query);
    mysqli_stmt_bind_param($update_stmt, "siidi", $name, $category_id, $quantity, $price, $id);

    if (mysqli_stmt_execute($update_stmt)) {
        header("Location: index.php");
        exit;
    } else {
        echo "Gagal mengedit barang: " . mysqli_error($conn);
    }

    mysqli_stmt_close($update_stmt);
}

// Tutup koneksi
mysqli_close($conn);
?>

<!DOCTYPE html>
<html lang="id">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Edit Barang</title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
<div class="container mt-4">
    <h1 class="mb-4">Edit Barang</h1>
    <form method="post">
        <div class="form-group">
            <label for="name">Nama Barang:</label>
            <input type="text" class="form-control" id="name" name="name"
                   value="<?= htmlspecialchars($item['name']) ?>" required>
        </div>
        <div class="form-group">
            <label for="category_id">Kategori:</label>
            <select class="form-control" id="category_id" name="category_id">
                <option value="">Pilih Kategori</option>
                <?php while ($row = mysqli_fetch_assoc($categories)): ?>
                    <option value="<?= htmlspecialchars($row['id']) ?>"
                        <?= $row['id'] == $item['category_id'] ? 'selected' : '' ?>>
                        <?= htmlspecialchars($row['name']) ?>
                    </option>
                <?php endwhile; ?>
            </select>
        </div>
        <div class="form-group">
            <label for="quantity">Jumlah:</label>
            <input type="number" class="form-control" id="quantity" name="quantity"
                   value="<?= htmlspecialchars($item['quantity']) ?>" min="1" required>
        </div>
        <div class="form-group">
            <label for="price">Harga:</label>
            <input type="number" class="form-control" id="price" name="price"
                   value="<?= htmlspecialchars($item['price']) ?>" step="0.01" min="0.01" required>
        </div>
        <button type="submit" class="btn btn-primary">Simpan</button>
    </form>
</div>
</body>
</html>