7 $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); |
7 $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); |
8 if (! $connect) { |
8 if (! $connect) { |
9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); |
9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); |
10 } |
10 } |
11 mysqli_set_charset($connect, "utf8" ); |
11 mysqli_set_charset($connect, "utf8" ); |
|
12 |
|
13 $response = array( |
|
14 'error' => false, |
|
15 'msg' => 'Ok', |
|
16 ); |
12 |
17 |
13 // get data and store in a json array |
18 // get data and store in a json array |
14 $query = "SELECT * FROM inventory_suppliers ORDER BY name"; |
19 $query = "SELECT * FROM inventory_suppliers ORDER BY name"; |
15 if (isset($_POST['insert'])) { |
20 if (isset($_POST['insert'])) { |
16 // INSERT COMMAND |
21 // INSERT COMMAND |
25 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
30 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
26 $sql .= "';"; |
31 $sql .= "';"; |
27 $result = mysqli_query($connect, $sql); |
32 $result = mysqli_query($connect, $sql); |
28 if (! $result) { |
33 if (! $result) { |
29 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
34 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
30 //} else { |
35 $response['error'] = true; |
31 // syslog(LOG_NOTICE, "db_inventory_suppliers: inserted ".$_POST['name']); |
36 $response['msg'] = "SQL fout: ".mysqli_error($connect); |
32 } |
37 } |
33 echo $result; |
38 exit(json_encode($response)); |
34 |
39 |
35 } else if (isset($_POST['update'])) { |
40 } else if (isset($_POST['update'])) { |
36 // UPDATE COMMAND |
41 // UPDATE COMMAND |
37 $sql = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); |
42 $sql = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); |
38 $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); |
43 $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); |
45 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
50 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
46 $sql .= "' WHERE record='" . $_POST['record'] . "';"; |
51 $sql .= "' WHERE record='" . $_POST['record'] . "';"; |
47 $result = mysqli_query($connect, $sql); |
52 $result = mysqli_query($connect, $sql); |
48 if (! $result) { |
53 if (! $result) { |
49 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
54 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
50 //} else { |
55 $response['error'] = true; |
51 // syslog(LOG_NOTICE, "db_inventory_suppliers: updated record ".$_POST['record']); |
56 $response['msg'] = "SQL fout: ".mysqli_error($connect); |
52 } |
57 } |
53 echo $result; |
58 exit(json_encode($response)); |
54 |
59 |
55 } else if (isset($_POST['delete'])) { |
60 } else if (isset($_POST['delete'])) { |
56 // DELETE COMMAND |
61 // DELETE COMMAND |
57 // FIXME: need to check if the record is in use |
|
58 $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; |
62 $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; |
59 $result = mysqli_query($connect, $sql); |
63 $result = mysqli_query($connect, $sql); |
60 if (! $result) { |
64 if (! $result) { |
61 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
65 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
62 } else { |
66 $response['error'] = true; |
63 syslog(LOG_NOTICE, "db_inventory_suppliers: deleted record ".$_POST['record']); |
67 $response['msg'] = "SQL fout: ".mysqli_error($connect); |
64 } |
68 } |
65 echo $result; |
69 exit(json_encode($response)); |
66 |
70 |
67 } else { |
71 } else { |
68 // SELECT COMMAND |
72 // SELECT COMMAND |
69 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); |
73 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); |
70 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { |
74 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { |
80 'phone' => $row['phone'], |
84 'phone' => $row['phone'], |
81 'notes' => $row['notes'] |
85 'notes' => $row['notes'] |
82 ); |
86 ); |
83 } |
87 } |
84 header("Content-type: application/json"); |
88 header("Content-type: application/json"); |
85 echo json_encode($suppliers); |
89 exit(json_encode($suppliers)); |
86 } |
90 } |
|
91 |
|
92 syslog(LOG_NOTICE, "db_inventory_suppliers: missing arguments"); |
|
93 $response['error'] = true; |
|
94 $response['msg'] = "missing arguments"; |
|
95 echo json_encode($response); |
|
96 |
87 ?> |
97 ?> |