Mercurial > bms / file comparison

comparison: www/includes/db_inventory_water.php

www/includes/db_inventory_water.php

changeset 205
08488ac3bbb1
parent 99
f433193f7bb6
child 296
69fadd1aded2
equal deleted inserted replaced
204:5df88c6dc903 205:08488ac3bbb1
9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
10 } 10 }
11 mysqli_set_charset($connect, "utf8" ); 11 mysqli_set_charset($connect, "utf8" );
12 12
13 13
14 // get data and store in a json array 14 if (isset($_POST['insert']) || isset($_POST['update'])) {
15 $query = "SELECT * FROM inventory_waters ORDER BY name"; 15 if (isset($_POST['insert'])) {
16 if (isset($_GET['insert'])) { 16 $sql = "INSERT INTO `inventory_waters` SET ";
17 // INSERT COMMAND 17 }
18 $sql = "INSERT INTO `inventory_waters` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); 18 if (isset($_POST['update'])) {
19 ($_GET['unlimited_stock'] == 'true') ? $sql .= "', unlimited_stock='1" : $sql .= "', unlimited_stock='0"; 19 $sql = "UPDATE `inventory_waters` SET ";
20 $sql .= "', calcium='" . $_GET['calcium']; 20 }
21 $sql .= "', bicarbonate='" . $_GET['bicarbonate']; 21
22 $sql .= "', sulfate='" . $_GET['sulfate']; 22 $sql .= "name='" . mysqli_real_escape_string($connect, $_POST['name']);
23 $sql .= "', chloride='" . $_GET['chloride']; 23 ($_POST['unlimited_stock'] == 'true') ? $sql .= "', unlimited_stock='1" : $sql .= "', unlimited_stock='0";
24 $sql .= "', sodium='" . $_GET['sodium']; 24 $sql .= "', calcium='" . $_POST['calcium'];
25 $sql .= "', magnesium='" . $_GET['magnesium']; 25 $sql .= "', bicarbonate='" . $_POST['bicarbonate'];
26 $sql .= "', ph='" . $_GET['ph']; 26 $sql .= "', sulfate='" . $_POST['sulfate'];
27 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); 27 $sql .= "', chloride='" . $_POST['chloride'];
28 $sql .= "', total_alkalinity='" . $_GET['total_alkalinity']; 28 $sql .= "', sodium='" . $_POST['sodium'];
29 $sql .= "', inventory='" . $_GET['inventory']; 29 $sql .= "', magnesium='" . $_POST['magnesium'];
30 $sql .= "', cost='" . $_GET['cost']; 30 $sql .= "', ph='" . $_POST['ph'];
31 $sql .= "';"; 31 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
32 $sql .= "', total_alkalinity='" . $_POST['total_alkalinity'];
33 $sql .= "', inventory='" . $_POST['inventory'];
34 $sql .= "', cost='" . $_POST['cost'];
35 if (isset($_POST['insert'])) {
36 $sql .= "';";
37 }
38 if (isset($_POST['update'])) {
39 $sql .= "' WHERE record='" . $_POST['record'] . "';";
40 }
41 syslog(LOG_NOTICE, $sql);
42
32 $result = mysqli_query($connect, $sql); 43 $result = mysqli_query($connect, $sql);
33 if (! $result) { 44 if (! $result) {
34 syslog(LOG_NOTICE, "db_inventory_waters: ".$sql." result: ".mysqli_error($connect)); 45 syslog(LOG_NOTICE, "db_inventory_waters: ".$sql." result: ".mysqli_error($connect));
35 } else { 46 } else {
36 syslog(LOG_NOTICE, "db_inventory_waters: inserted ".$_GET['name']); 47 if (isset($_POST['update'])) {
48 syslog(LOG_NOTICE, "db_inventory_waters: updated record ".$_POST['record']);
49 } else {
50 $lastid = mysqli_insert_id($connect);
51 syslog(LOG_NOTICE, "db_inventory_waters: inserted record ".$lastid);
52 }
37 } 53 }
38 echo $result; 54 echo $result;
39 55
40 } else if (isset($_GET['update'])) { 56 } else if (isset($_POST['delete'])) {
41 // UPDATE COMMAND 57 // DELETE COMMAND
42 $sql = "UPDATE `inventory_waters` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); 58 $sql = "DELETE FROM `inventory_waters` WHERE record='".$_POST['record']."';";
43 ($_GET['unlimited_stock'] == 'true') ? $sql .= "', unlimited_stock='1" : $sql .= "', unlimited_stock='0";
44 $sql .= "', calcium='" . $_GET['calcium'];
45 $sql .= "', bicarbonate='" . $_GET['bicarbonate'];
46 $sql .= "', sulfate='" . $_GET['sulfate'];
47 $sql .= "', chloride='" . $_GET['chloride'];
48 $sql .= "', sodium='" . $_GET['sodium'];
49 $sql .= "', magnesium='" . $_GET['magnesium'];
50 $sql .= "', ph='" . $_GET['ph'];
51 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
52 $sql .= "', total_alkalinity='" . $_GET['total_alkalinity'];
53 $sql .= "', inventory='" . $_GET['inventory'];
54 $sql .= "', cost='" . $_GET['cost'];
55 $sql .= "' WHERE record='" . $_GET['record'] . "';";
56 $result = mysqli_query($connect, $sql); 59 $result = mysqli_query($connect, $sql);
57 if (! $result) { 60 if (! $result) {
58 syslog(LOG_NOTICE, "db_inventory_waters: ".$sql." result: ".mysqli_error($connect)); 61 syslog(LOG_NOTICE, "db_inventory_waters: ".$sql." result: ".mysqli_error($connect));
59 } else { 62 } else {
60 syslog(LOG_NOTICE, "db_inventory_waters: updated record ".$_GET['record']); 63 syslog(LOG_NOTICE, "db_inventory_waters: deleted record ".$_POST['record']);
61 }
62 echo $result;
63
64 } else if (isset($_GET['delete'])) {
65 // DELETE COMMAND
66 $sql = "DELETE FROM `inventory_waters` WHERE record='".$_GET['record']."';";
67 $result = mysqli_query($connect, $sql);
68 if (! $result) {
69 syslog(LOG_NOTICE, "db_inventory_waters: ".$sql." result: ".mysqli_error($connect));
70 } else {
71 syslog(LOG_NOTICE, "db_inventory_waters: deleted record ".$_GET['record']);
72 } 64 }
73 echo $result; 65 echo $result;
74 66
75 } else { 67 } else {
76 // SELECT COMMAND 68 // SELECT COMMAND
69 $query = "SELECT * FROM inventory_waters ORDER BY name";
77 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); 70 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
78 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { 71 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
79 $waters[] = array( 72 $waters[] = array(
80 'record' => $row['record'], 73 'record' => $row['record'],
81 'name' => $row['name'], 74 'name' => $row['name'],

Mercurial Repository: bms

mercurial