comparison: www/includes/db_inventory_suppliers.php
www/includes/db_inventory_suppliers.php
- changeset 767
- 08c0343b622b
- parent 715
- 8fb922c00a2d
- child 785
- aa79acfdf8a9
equal
deleted
inserted
replaced
| 766:86289b0c4a27 | 767:08c0343b622b |
|---|---|
| 7 $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); | 7 $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); |
| 8 if (! $connect) { | 8 if (! $connect) { |
| 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); | 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); |
| 10 } | 10 } |
| 11 mysqli_set_charset($connect, "utf8" ); | 11 mysqli_set_charset($connect, "utf8" ); |
| 12 | |
| 13 $response = array( | |
| 14 'error' => false, | |
| 15 'msg' => 'Ok', | |
| 16 ); | |
| 12 | 17 |
| 13 // get data and store in a json array | 18 // get data and store in a json array |
| 14 $query = "SELECT * FROM inventory_suppliers ORDER BY name"; | 19 $query = "SELECT * FROM inventory_suppliers ORDER BY name"; |
| 15 if (isset($_POST['insert'])) { | 20 if (isset($_POST['insert'])) { |
| 16 // INSERT COMMAND | 21 // INSERT COMMAND |
| 25 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); | 30 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
| 26 $sql .= "';"; | 31 $sql .= "';"; |
| 27 $result = mysqli_query($connect, $sql); | 32 $result = mysqli_query($connect, $sql); |
| 28 if (! $result) { | 33 if (! $result) { |
| 29 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); | 34 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
| 30 //} else { | 35 $response['error'] = true; |
| 31 // syslog(LOG_NOTICE, "db_inventory_suppliers: inserted ".$_POST['name']); | 36 $response['msg'] = "SQL fout: ".mysqli_error($connect); |
| 32 } | 37 } |
| 33 echo $result; | 38 exit(json_encode($response)); |
| 34 | 39 |
| 35 } else if (isset($_POST['update'])) { | 40 } else if (isset($_POST['update'])) { |
| 36 // UPDATE COMMAND | 41 // UPDATE COMMAND |
| 37 $sql = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); | 42 $sql = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); |
| 38 $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); | 43 $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); |
| 45 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); | 50 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
| 46 $sql .= "' WHERE record='" . $_POST['record'] . "';"; | 51 $sql .= "' WHERE record='" . $_POST['record'] . "';"; |
| 47 $result = mysqli_query($connect, $sql); | 52 $result = mysqli_query($connect, $sql); |
| 48 if (! $result) { | 53 if (! $result) { |
| 49 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); | 54 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
| 50 //} else { | 55 $response['error'] = true; |
| 51 // syslog(LOG_NOTICE, "db_inventory_suppliers: updated record ".$_POST['record']); | 56 $response['msg'] = "SQL fout: ".mysqli_error($connect); |
| 52 } | 57 } |
| 53 echo $result; | 58 exit(json_encode($response)); |
| 54 | 59 |
| 55 } else if (isset($_POST['delete'])) { | 60 } else if (isset($_POST['delete'])) { |
| 56 // DELETE COMMAND | 61 // DELETE COMMAND |
| 57 // FIXME: need to check if the record is in use | |
| 58 $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; | 62 $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; |
| 59 $result = mysqli_query($connect, $sql); | 63 $result = mysqli_query($connect, $sql); |
| 60 if (! $result) { | 64 if (! $result) { |
| 61 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); | 65 syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); |
| 62 } else { | 66 $response['error'] = true; |
| 63 syslog(LOG_NOTICE, "db_inventory_suppliers: deleted record ".$_POST['record']); | 67 $response['msg'] = "SQL fout: ".mysqli_error($connect); |
| 64 } | 68 } |
| 65 echo $result; | 69 exit(json_encode($response)); |
| 66 | 70 |
| 67 } else { | 71 } else { |
| 68 // SELECT COMMAND | 72 // SELECT COMMAND |
| 69 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); | 73 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); |
| 70 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { | 74 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { |
| 80 'phone' => $row['phone'], | 84 'phone' => $row['phone'], |
| 81 'notes' => $row['notes'] | 85 'notes' => $row['notes'] |
| 82 ); | 86 ); |
| 83 } | 87 } |
| 84 header("Content-type: application/json"); | 88 header("Content-type: application/json"); |
| 85 echo json_encode($suppliers); | 89 exit(json_encode($suppliers)); |
| 86 } | 90 } |
| 91 | |
| 92 syslog(LOG_NOTICE, "db_inventory_suppliers: missing arguments"); | |
| 93 $response['error'] = true; | |
| 94 $response['msg'] = "missing arguments"; | |
| 95 echo json_encode($response); | |
| 96 | |
| 87 ?> | 97 ?> |
