comparison: www/includes/db_recipes.php
www/includes/db_recipes.php
- changeset 61
- 3469979f83be
- parent 60
- dbbe408108ea
- child 71
- e1c50b21b7e3
equal
deleted
inserted
replaced
| 60:dbbe408108ea | 61:3469979f83be |
|---|---|
| 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); | 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); |
| 10 } | 10 } |
| 11 | 11 |
| 12 $escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c"); | 12 $escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c"); |
| 13 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); | 13 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); |
| 14 $rescapers = array("'"); | |
| 15 $rreplacements = array("\\'"); | |
| 14 $disallowed = array('visibleindex','uniqueid','boundindex','uid'); | 16 $disallowed = array('visibleindex','uniqueid','boundindex','uid'); |
| 15 | 17 |
| 16 // get data and store in a json array | 18 // get data and store in a json array |
| 17 $query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name"; | 19 $query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name"; |
| 18 if (isset($_POST['insert']) || isset($_POST['update'])) { | 20 if (isset($_POST['insert']) || isset($_POST['update'])) { |
| 62 foreach($array as $key => $item){ | 64 foreach($array as $key => $item){ |
| 63 foreach ($disallowed as $disallowed_key) { | 65 foreach ($disallowed as $disallowed_key) { |
| 64 unset($array[$key]["$disallowed_key"]); | 66 unset($array[$key]["$disallowed_key"]); |
| 65 } | 67 } |
| 66 } | 68 } |
| 67 syslog(LOG_NOTICE, "json_fermentables=: ".json_encode($array)); | 69 syslog(LOG_NOTICE, "json_fermentables=: ".str_replace($rescapers,$rreplacements,json_encode($array))); |
| 68 $sql .= "', json_fermentables='" . json_encode($array); | 70 $sql .= "', json_fermentables='" . str_replace($rescapers,$rreplacements,json_encode($array)); |
| 69 } | 71 } |
| 70 | 72 |
| 71 if (isset($_POST['hops'])) { | 73 if (isset($_POST['hops'])) { |
| 72 $array = $_POST['hops']; | 74 $array = $_POST['hops']; |
| 73 foreach($array as $key => $item){ | 75 foreach($array as $key => $item){ |
| 74 foreach ($disallowed as $disallowed_key) { | 76 foreach ($disallowed as $disallowed_key) { |
| 75 unset($array[$key]["$disallowed_key"]); | 77 unset($array[$key]["$disallowed_key"]); |
| 76 } | 78 } |
| 77 } | 79 } |
| 78 syslog(LOG_NOTICE, "json_hops: ".json_encode($array)); | 80 syslog(LOG_NOTICE, "json_hops: ".str_replace($rescapers,$rreplacements,json_encode($array))); |
| 79 $sql .= "', json_hops='" . json_encode($array); | 81 $sql .= "', json_hops='" . str_replace($rescapers,$rreplacements,json_encode($array)); |
| 80 } | 82 } |
| 81 | 83 |
| 82 if (isset($_POST['miscs'])) { | 84 if (isset($_POST['miscs'])) { |
| 83 $array = $_POST['miscs']; | 85 $array = $_POST['miscs']; |
| 84 foreach($array as $key => $item){ | 86 foreach($array as $key => $item){ |
| 85 foreach ($disallowed as $disallowed_key) { | 87 foreach ($disallowed as $disallowed_key) { |
| 86 unset($array[$key]["$disallowed_key"]); | 88 unset($array[$key]["$disallowed_key"]); |
| 87 } | 89 } |
| 88 } | 90 } |
| 89 syslog(LOG_NOTICE, "json_miscs: ".json_encode($array)); | 91 syslog(LOG_NOTICE, "json_miscs: ".str_replace($rescapers,$rreplacements,json_encode($array))); |
| 90 $sql .= "', json_miscs='" . json_encode($array); | 92 $sql .= "', json_miscs='" . str_replace($rescapers,$rreplacements,json_encode($array)); |
| 91 } | 93 } |
| 92 | 94 |
| 93 if (isset($_POST['yeasts'])) { | 95 if (isset($_POST['yeasts'])) { |
| 94 $array = $_POST['yeasts']; | 96 $array = $_POST['yeasts']; |
| 95 foreach($array as $key => $item){ | 97 foreach($array as $key => $item){ |
| 96 foreach ($disallowed as $disallowed_key) { | 98 foreach ($disallowed as $disallowed_key) { |
| 97 unset($array[$key]["$disallowed_key"]); | 99 unset($array[$key]["$disallowed_key"]); |
| 98 } | 100 } |
| 99 } | 101 } |
| 100 syslog(LOG_NOTICE, "json_yeasts: ".json_encode($array)); | 102 syslog(LOG_NOTICE, "json_yeasts: ". str_replace($rescapers,$rreplacements,json_encode($array))); |
| 101 $sql .= "', json_yeasts='" . json_encode($array); | 103 $sql .= "', json_yeasts='" . str_replace($rescapers,$rreplacements,json_encode($array)); |
| 102 } | 104 } |
| 103 | 105 |
| 104 if (isset($_POST['waters'])) { | 106 if (isset($_POST['waters'])) { |
| 105 $array = $_POST['waters']; | 107 $array = $_POST['waters']; |
| 106 foreach($array as $key => $item){ | 108 foreach($array as $key => $item){ |
| 107 foreach ($disallowed as $disallowed_key) { | 109 foreach ($disallowed as $disallowed_key) { |
| 108 unset($array[$key]["$disallowed_key"]); | 110 unset($array[$key]["$disallowed_key"]); |
| 109 } | 111 } |
| 110 } | 112 } |
| 111 syslog(LOG_NOTICE, "json_waters: ".json_encode($array)); | 113 syslog(LOG_NOTICE, "json_waters: ".str_replace($rescapers,$rreplacements,json_encode($array))); |
| 112 $sql .= "', json_waters='" . json_encode($array); | 114 $sql .= "', json_waters='" . str_replace($rescapers,$rreplacements,json_encode($array)); |
| 113 } | 115 } |
| 114 | 116 |
| 115 if (isset($_POST['mashs'])) { | 117 if (isset($_POST['mashs'])) { |
| 116 $array = $_POST['mashs']; | 118 $array = $_POST['mashs']; |
| 117 foreach($array as $key => $item){ | 119 foreach($array as $key => $item){ |
| 118 foreach ($disallowed as $disallowed_key) { | 120 foreach ($disallowed as $disallowed_key) { |
| 119 unset($array[$key]["$disallowed_key"]); | 121 unset($array[$key]["$disallowed_key"]); |
| 120 } | 122 } |
| 121 } | 123 } |
| 122 syslog(LOG_NOTICE, "json_mashs: ".json_encode($array)); | 124 syslog(LOG_NOTICE, "json_mashs: ".str_replace($rescapers,$rreplacements,json_encode($array))); |
| 123 $sql .= "', json_mashs='" . json_encode($array); | 125 $sql .= "', json_mashs='" . str_replace($rescapers,$rreplacements,json_encode($array)); |
| 124 } | 126 } |
| 125 | 127 |
| 126 if (isset($_POST['insert'])) { | 128 if (isset($_POST['insert'])) { |
| 127 $sql .= "';"; | 129 $sql .= "';"; |
| 128 } | 130 } |
| 130 $sql .= "' WHERE record='" . $_POST['record'] . "';"; | 132 $sql .= "' WHERE record='" . $_POST['record'] . "';"; |
| 131 } | 133 } |
| 132 | 134 |
| 133 $result = mysqli_query($connect, $sql); | 135 $result = mysqli_query($connect, $sql); |
| 134 if (! $result) { | 136 if (! $result) { |
| 135 syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); | 137 syslog(LOG_NOTICE, "db_recipes: result: ".mysqli_error($connect)); |
| 136 } else { | 138 } else { |
| 137 if (isset($_POST['update'])) { | 139 if (isset($_POST['update'])) { |
| 138 syslog(LOG_NOTICE, "db_recipes: updated record ".$_POST['record']); | 140 syslog(LOG_NOTICE, "db_recipes: updated record ".$_POST['record']); |
| 139 } else { | 141 } else { |
| 140 syslog(LOG_NOTICE, "db_recipes: inserted ".$_POST['name']); | 142 syslog(LOG_NOTICE, "db_recipes: inserted ".$_POST['name']); |
| 145 } else if (isset($_POST['delete'])) { | 147 } else if (isset($_POST['delete'])) { |
| 146 // DELETE COMMAND | 148 // DELETE COMMAND |
| 147 $sql = "DELETE FROM `recipes` WHERE record='".$_POST['record']."';"; | 149 $sql = "DELETE FROM `recipes` WHERE record='".$_POST['record']."';"; |
| 148 $result = mysqli_query($connect, $sql); | 150 $result = mysqli_query($connect, $sql); |
| 149 if (! $result) { | 151 if (! $result) { |
| 150 syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); | 152 // syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); |
| 153 syslog(LOG_NOTICE, "db_recipes: result: ".mysqli_error($connect)); | |
| 151 } else { | 154 } else { |
| 152 syslog(LOG_NOTICE, "db_recipes: deleted record ".$_POST['record']); | 155 syslog(LOG_NOTICE, "db_recipes: deleted record ".$_POST['record']); |
| 153 } | 156 } |
| 154 echo $result; | 157 echo $result; |
| 155 | 158 |
