www/includes/db_profile_styles.php

changeset 217
318aab371497
parent 77
a9f8de2d7b2b
child 296
69fadd1aded2
216:fda7286871f2 217:318aab371497
8 if (! $connect) { 8 if (! $connect) {
9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
10 } 10 }
11 mysqli_set_charset($connect, "utf8" ); 11 mysqli_set_charset($connect, "utf8" );
12 12
13 // get data and store in a json array 13 if (isset($_POST['insert']) || isset($_POST['update'])) {
14 $query = "SELECT * FROM profile_styles ORDER BY style_guide,style_letter,name"; 14 if (isset($_POST['insert'])) {
15 if (isset($_GET['insert'])) { 15 $sql = "INSERT INTO `profile_styles` SET ";
16 // INSERT COMMAND 16 }
17 $sql = "INSERT INTO `profile_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); 17 if (isset($_POST['update'])) {
18 $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); 18 $sql = "UPDATE `profile_styles` SET ";
19 $sql .= "', category_number='" . $_GET['category_number']; 19 }
20 $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); 20
21 $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); 21 $sql .= "name='" . mysqli_real_escape_string($connect, $_POST['name']);
22 $sql .= "', type='" . $_GET['type']; 22 $sql .= "', category='" . mysqli_real_escape_string($connect, $_POST['category']);
23 $sql .= "', og_min='" . $_GET['og_min']; 23 $sql .= "', category_number='" . $_POST['category_number'];
24 $sql .= "', og_max='" . $_GET['og_max']; 24 $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_POST['style_letter']);
25 $sql .= "', fg_min='" . $_GET['fg_min']; 25 $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_POST['style_guide']);
26 $sql .= "', fg_max='" . $_GET['fg_max']; 26 $sql .= "', type='" . $_POST['type'];
27 $sql .= "', ibu_min='" . $_GET['ibu_min']; 27 $sql .= "', og_min='" . $_POST['og_min'];
28 $sql .= "', ibu_max='" . $_GET['ibu_max']; 28 $sql .= "', og_max='" . $_POST['og_max'];
29 $sql .= "', color_min='" . $_GET['color_min']; 29 $sql .= "', fg_min='" . $_POST['fg_min'];
30 $sql .= "', color_max='" . $_GET['color_max']; 30 $sql .= "', fg_max='" . $_POST['fg_max'];
31 $sql .= "', carb_min='" . $_GET['carb_min']; 31 $sql .= "', ibu_min='" . $_POST['ibu_min'];
32 $sql .= "', carb_max='" . $_GET['carb_max']; 32 $sql .= "', ibu_max='" . $_POST['ibu_max'];
33 $sql .= "', abv_min='" . $_GET['abv_min']; 33 $sql .= "', color_min='" . $_POST['color_min'];
34 $sql .= "', abv_max='" . $_GET['abv_max']; 34 $sql .= "', color_max='" . $_POST['color_max'];
35 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); 35 $sql .= "', carb_min='" . $_POST['carb_min'];
36 $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); 36 $sql .= "', carb_max='" . $_POST['carb_max'];
37 $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); 37 $sql .= "', abv_min='" . $_POST['abv_min'];
38 $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); 38 $sql .= "', abv_max='" . $_POST['abv_max'];
39 $sql .= "';"; 39 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
40 $sql .= "', profile='" . mysqli_real_escape_string($connect, $_POST['profile']);
41 $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_POST['ingredients']);
42 $sql .= "', examples='" . mysqli_real_escape_string($connect, $_POST['examples']);
43 if (isset($_POST['insert'])) {
44 $sql .= "';";
45 }
46 if (isset($_POST['update'])) {
47 $sql .= "' WHERE record='" . $_POST['record'] . "';";
48 }
49
40 $result = mysqli_query($connect, $sql); 50 $result = mysqli_query($connect, $sql);
41 if (! $result) { 51 if (! $result) {
42 syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); 52 syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect));
43 } else { 53 } else {
44 syslog(LOG_NOTICE, "db_profile_styles: inserted ".$_GET['name']); 54 if (isset($_POST['update'])) {
55 syslog(LOG_NOTICE, "db_profile_styles: updated record ".$_POST['record']);
56 } else {
57 $lastid = mysqli_insert_id($connect);
58 syslog(LOG_NOTICE, "db_profile_styles: inserted record ".$lastid);
59 }
45 } 60 }
46 echo $result; 61 echo $result;
47 62
48 } else if (isset($_GET['update'])) { 63 } else if (isset($_POST['delete'])) {
49 // UPDATE COMMAND 64 // DELETE COMMAND
50 $sql = "UPDATE `profile_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); 65 $sql = "DELETE FROM `profile_styles` WHERE record='".$_POST['record']."';";
51 $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']);
52 $sql .= "', category_number='" . $_GET['category_number'];
53 $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']);
54 $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']);
55 $sql .= "', type='" . $_GET['type'];
56 $sql .= "', og_min='" . $_GET['og_min'];
57 $sql .= "', og_max='" . $_GET['og_max'];
58 $sql .= "', fg_min='" . $_GET['fg_min'];
59 $sql .= "', fg_max='" . $_GET['fg_max'];
60 $sql .= "', ibu_min='" . $_GET['ibu_min'];
61 $sql .= "', ibu_max='" . $_GET['ibu_max'];
62 $sql .= "', color_min='" . $_GET['color_min'];
63 $sql .= "', color_max='" . $_GET['color_max'];
64 $sql .= "', carb_min='" . $_GET['carb_min'];
65 $sql .= "', carb_max='" . $_GET['carb_max'];
66 $sql .= "', abv_min='" . $_GET['abv_min'];
67 $sql .= "', abv_max='" . $_GET['abv_max'];
68 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
69 $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']);
70 $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']);
71 $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']);
72 $sql .= "' WHERE record='" . $_GET['record'] . "';";
73 $result = mysqli_query($connect, $sql); 66 $result = mysqli_query($connect, $sql);
74 if (! $result) { 67 if (! $result) {
75 syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); 68 syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect));
76 } else { 69 } else {
77 syslog(LOG_NOTICE, "db_profile_styles: updated record ".$_GET['record']); 70 syslog(LOG_NOTICE, "db_profile_styles: deleted record ".$_POST['record']);
78 }
79 echo $result;
80
81 } else if (isset($_GET['delete'])) {
82 // DELETE COMMAND
83 $sql = "DELETE FROM `profile_styles` WHERE record='".$_GET['record']."';";
84 $result = mysqli_query($connect, $sql);
85 if (! $result) {
86 syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect));
87 } else {
88 syslog(LOG_NOTICE, "db_profile_styles: deleted record ".$_GET['record']);
89 } 71 }
90 echo $result; 72 echo $result;
91 73
92 } else { 74 } else {
93 // SELECT COMMAND 75 // SELECT COMMAND
76 $query = "SELECT * FROM profile_styles ORDER BY style_guide,style_letter,name";
94 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); 77 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
95 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { 78 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
96 $styles[] = array( 79 $styles[] = array(
97 'record' => $row['record'], 80 'record' => $row['record'],
98 'name' => $row['name'], 81 'name' => $row['name'],
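Review bot: Several request values are still concatenated into the SQL text unescaped on the new side: `category_number`, `type` and the `og_min` … `abv_max` range fields (new lines 23 and 26–38), plus `record` in the UPDATE WHERE clause (new line 47) and in the DELETE (new line 65), so switching from `$_GET` to `$_POST` does not close the SQL injection exposure. At a minimum these should go through the same escaping already used for `name`, e.g. `$sql .= "' WHERE record='" . mysqli_real_escape_string($connect, $_POST['record']) . "';";`; binding every value through `mysqli_prepare()` / `mysqli_stmt_bind_param()` would be the more robust fix. The failure branches at new lines 52 and 68 also write the complete `$sql` string to syslog, which copies request data into the logs; logging only `mysqli_error($connect)` and the record id would limit that. Nothing visible in this section checks that the caller is authenticated or authorised before insert, update or delete, though that check may sit in an include above line 8.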
