Add new file

add_product.php

+<?php
+include 'connect.php';
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $name = $_POST['name'];
+    $price = $_POST['price'];
+
+    $stmt = $conn->prepare("INSERT INTO products (name, price) VALUES (?, ?)");
+    $stmt->execute([$name, $price]);
+
+    echo "เพิ่มสินค้าสำเร็จ!";
+    header("Location: index.php");
+}
+?>
+<form method="post">
+    ชื่อสินค้า: <input type="text" name="name" required>
+    ราคา: <input type="number" name="price" required>
+    <button type="submit">เพิ่มสินค้า</button>
+</form>

cart.php

+<?php
+include 'connect.php';
+session_start();
+
+if (!isset($_SESSION['user_id'])) {
+    die("กรุณาเข้าสู่ระบบก่อน");
+}
+
+// ✅ เพิ่มสินค้าเข้า `cart`
+if (isset($_GET['add'])) {
+    $stmt = $conn->prepare("
+        INSERT INTO cart (users_id, products_id, qty)
+        VALUES (?, ?, 1)
+        ON DUPLICATE KEY UPDATE qty = qty + 1
+    ");
+    $stmt->execute([$_SESSION['user_id'], $_GET['add']]);
+    header("Location: cart.php");
+    exit;
+}
+
+// ✅ ดึงข้อมูลจาก `cart` และ `products`
+$stmt = $conn->prepare("
+    SELECT cart.*, products.name, products.price 
+    FROM cart 
+    JOIN products ON cart.products_id = products.id 
+    WHERE cart.users_id = ?
+");
+$stmt->execute([$_SESSION['user_id']]);
+$cart_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
+?>
+
+<h2>ตะกร้าสินค้า</h2>
+
+<?php if (empty($cart_items)): ?>
+    <p>ไม่มีสินค้าในตะกร้า</p>
+<?php else: ?>
+
+    
+    <table border="1" cellpadding="5" cellspacing="0">
+        <tr>
+            <th>User ID</th>
+            <th>รหัสสินค้า</th>
+            <th>ชื่อสินค้า</th>
+            <th>ราคา</th>
+            <th>จำนวน</th>
+            <th>รวม</th>
+            <th>การจัดการ</th>
+        </tr>
+    
+        <?php 
+        $total = 0;
+        foreach ($cart_items as $item): 
+            $subtotal = $item['price'] * $item['qty'];
+            $total += $subtotal;
+        ?>
+            <tr>
+            <td><?= $item['users_id'] ?></td>
+                <td><?= $item['products_id'] ?></td>
+                <td><?= htmlspecialchars($item['name']) ?></td>
+                <td><?= number_format($item['price'], 2) ?> บาท</td>
+                <td>
+                    <a href="cart.php?update=<?= $item['products_id'] ?>&qty=<?= $item['qty'] - 1 ?>">➖</a>
+                    <?= $item['qty'] ?>
+                    <a href="cart.php?update=<?= $item['products_id'] ?>&qty=<?= $item['qty'] + 1 ?>">➕</a>
+                </td>
+                <td><?= number_format($subtotal, 2) ?> บาท</td>
+                <td><a href="cart.php?remove=<?= $item['products_id'] ?>" onclick="return confirm('ลบสินค้านี้ออกจากตะกร้า?')">ลบ</a></td>
+            </tr>
+        <?php endforeach; ?>
+        <tr>
+            <td colspan="4" align="right"><strong>ยอดรวมทั้งหมด:</strong></td>
+            <td colspan="2"><strong><?= number_format($total, 2) ?> บาท</strong></td>
+        </tr>
+    </table>
+    <br>
+    <a href="checkout.php">🛒 ดำเนินการชำระเงิน</a>
+<?php endif; ?>

checkout.php

+<?php
+include 'connect.php';
+session_start();
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $stmt = $conn->prepare("DELETE FROM cart WHERE users_id = ?");
+    $stmt->execute([$_SESSION['user_id']]);
+    echo "ชำระเงินสำเร็จ!";
+    header("Location: index.php");
+}
+?>
+<form method="post">
+    <button type="submit">ชำระเงิน</button>
+</form>

connect.php

+<?php
+$host = 'localhost';
+$dbname = 'shop_db';
+$username = 'root';
+$password = '';
+
+try {
+    $conn = new PDO("mysql:host=$host;dbname=$dbname;charset=utf8", $username, $password);
+    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+} catch (PDOException $e) {
+    die("Connection failed: " . $e->getMessage());
+}
+?>

delete_product.php

+<?php
+include 'connect.php';
+
+if (isset($_GET['id'])) {
+    $stmt = $conn->prepare("DELETE FROM products WHERE id = ?");
+    $stmt->execute([$_GET['id']]);
+    header("Location: index.php");
+}
+?>

edit_product.php

+<?php
+include 'connect.php';
+
+if (isset($_GET['id'])) {
+    $stmt = $conn->prepare("SELECT * FROM products WHERE id = ?");
+    $stmt->execute([$_GET['id']]);
+    $product = $stmt->fetch(PDO::FETCH_ASSOC);
+}
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $id = $_POST['id'];
+    $name = $_POST['name'];
+    $price = $_POST['price'];
+
+    $stmt = $conn->prepare("UPDATE products SET name = ?, price = ? WHERE id = ?");
+    $stmt->execute([$name, $price, $id]);
+
+    echo "แก้ไขสินค้าสำเร็จ!";
+    header("Location: index.php");
+}
+?>
+<form method="post">
+    <input type="hidden" name="id" value="<?= $product['id'] ?>">
+    ชื่อสินค้า: <input type="text" name="name" value="<?= $product['name'] ?>" required>
+    ราคา: <input type="number" name="price" value="<?= $product['price'] ?>" required>
+    <button type="submit">บันทึก</button>
+</form>

index.php

+<a href="add_product.php">เพิ่มสินค้า</a> | 
+<a href="cart.php">ตะกร้าสินค้า</a> |
+<a href="logout.php">ออกจากระบบ</a> |
+<a href="login.php">เข้าสู่ระบบ</a>
+<?php
+include 'connect.php';
+
+$search = "";
+if (isset($_GET['search'])) {
+    $search = $_GET['search'];
+}
+
+$stmt = $conn->prepare("SELECT * FROM products WHERE name LIKE ?");
+$stmt->execute(["%$search%"]);
+$products = $stmt->fetchAll();
+?>
+
+<form method="GET">
+    ค้นหาสินค้า: <input type="text" name="search" value="<?= htmlspecialchars($search) ?>">
+    <button type="submit">ค้นหา</button>
+</form>
+
+<table border="1" cellpadding="5" cellspacing="0">
+    <tr>
+        <th>ID</th>
+        <th>ชื่อสินค้า</th>
+        <th>ราคา</th>
+        <th>การจัดการ</th>
+    </tr>
+
+    <?php foreach ($products as $product) : ?>
+        <tr>
+            <td><?= $product['id'] ?></td>
+            <td><?= htmlspecialchars($product['name']) ?></td>
+            <td><?= number_format($product['price'], 2) ?> บาท</td>
+            <td>
+                <a href="edit_product.php?id=<?= $product['id'] ?>">แก้ไข</a> |
+                <a href="delete_product.php?id=<?= $product['id'] ?>" onclick="return confirm('คุณแน่ใจหรือไม่?')">ลบ</a> |
+                <a href="cart.php?add=<?= $product['id'] ?>">เพิ่มลงตะกร้า</a>
+            </td>
+        </tr>
+    <?php endforeach; ?>
+</table>

login.php

+<?php
+include 'connect.php';
+session_start();
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $email = $_POST['email'];
+    $password = $_POST['password'];
+
+    $stmt = $conn->prepare("SELECT * FROM users WHERE email = ?");
+    $stmt->execute([$email]);
+    $user = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if ($user && password_verify($password, $user['password'])) {
+        $_SESSION['user_id'] = $user['id'];
+        header("Location: index.php");
+    } else {
+        echo "อีเมลหรือรหัสผ่านไม่ถูกต้อง!";
+    }
+}
+?>
+<form method="post">
+    อีเมล: <input type="email" name="email" required>
+    รหัสผ่าน: <input type="password" name="password" required>
+    <button type="submit">เข้าสู่ระบบ</button>
+</form>

logout.php

+<?php
+session_start();
+session_destroy();
+header("Location: login.php");
+?>

register.php

+<?php
+include 'connect.php';
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $name = $_POST['name'];
+    $email = $_POST['email'];
+    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
+
+    $stmt = $conn->prepare("INSERT INTO users (name, email, password) VALUES (?, ?, ?)");
+    $stmt->execute([$name, $email, $password]);
+
+    echo "สมัครสมาชิกสำเร็จ!";
+    header("Location: login.php");
+}
+?>
+<form method="post">
+    ชื่อ: <input type="text" name="name" required>
+    อีเมล: <input type="email" name="email" required>
+    รหัสผ่าน: <input type="password" name="password" required>
+    <button type="submit">สมัครสมาชิก</button>
+</form>