comparison: www/includes/db_inventory_fermentables.php
www/includes/db_inventory_fermentables.php
- changeset 18
- 395833e20f88
- parent 11
- d341f0a91a91
- child 37
- 9362eb9e9e5b
equal
deleted
inserted
replaced
| 17:bb97e0de63cf | 18:395833e20f88 |
|---|---|
| 15 if (isset($_GET['insert'])) { | 15 if (isset($_GET['insert'])) { |
| 16 // INSERT COMMAND | 16 // INSERT COMMAND |
| 17 $sql = "INSERT INTO `inventory_fermentables` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); | 17 $sql = "INSERT INTO `inventory_fermentables` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); |
| 18 $sql .= "', type='" . $_GET['type']; | 18 $sql .= "', type='" . $_GET['type']; |
| 19 $sql .= "', yield='" . $_GET['yield']; | 19 $sql .= "', yield='" . $_GET['yield']; |
| 20 $sql .= "', color='" . ebc_to_srm($_GET['color']); | 20 $sql .= "', color='" . $_GET['color']; |
| 21 ($_GET['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0"; | 21 ($_GET['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0"; |
| 22 $sql .= "', origin='" . mysqli_real_escape_string($connect, $_GET['origin']); | 22 $sql .= "', origin='" . mysqli_real_escape_string($connect, $_GET['origin']); |
| 23 $sql .= "', supplier='" . mysqli_real_escape_string($connect, $_GET['supplier']); | 23 $sql .= "', supplier='" . mysqli_real_escape_string($connect, $_GET['supplier']); |
| 24 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); | 24 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); |
| 25 $sql .= "', coarse_fine_diff='" . $_GET['coarse_fine_diff']; | 25 $sql .= "', coarse_fine_diff='" . $_GET['coarse_fine_diff']; |
| 35 $sql .= "', graintype='" . mysqli_real_escape_string($connect, $_GET['graintype']); | 35 $sql .= "', graintype='" . mysqli_real_escape_string($connect, $_GET['graintype']); |
| 36 $sql .= "', inventory='" . $_GET['inventory']; | 36 $sql .= "', inventory='" . $_GET['inventory']; |
| 37 $sql .= "', cost='" . $_GET['cost']; | 37 $sql .= "', cost='" . $_GET['cost']; |
| 38 $sql .= "', production_date='" . $_GET['production_date']; | 38 $sql .= "', production_date='" . $_GET['production_date']; |
| 39 $sql .= "', tht_date='" . $_GET['tht_date']; | 39 $sql .= "', tht_date='" . $_GET['tht_date']; |
| 40 $sql .= "', supplier_rec='" . $_GET['supplier_rec']; | 40 //$sql .= "', supplier_rec='" . $_GET['supplier_rec']; |
| 41 $sql .= "';"; | 41 $sql .= "';"; |
| 42 error_log("\"$sql\""); | 42 $result = mysqli_query($connect, $sql); |
| 43 $result = mysqli_query($connect, $sql) or die("SQL Error 1: " . mysqli_error($connect)); | 43 if (! $result) { |
| 44 error_log("result " . $result); | 44 syslog(LOG_NOTICE, "db_inventory_fermentables: ".$sql." result: ".mysqli_error($connect)); |
| 45 } else { | |
| 46 syslog(LOG_NOTICE, "db_inventory_fermentables: inserted ".$_GET['name']); | |
| 47 } | |
| 45 echo $result; | 48 echo $result; |
| 46 | 49 |
| 47 } else if (isset($_GET['update'])) { | 50 } else if (isset($_GET['update'])) { |
| 48 // UPDATE COMMAND | 51 // UPDATE COMMAND |
| 49 $sql = "UPDATE `inventory_fermentables` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); | 52 $sql = "UPDATE `inventory_fermentables` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); |
| 50 $sql .= "', type='" . $_GET['type']; | 53 $sql .= "', type='" . $_GET['type']; |
| 51 $sql .= "', yield='" . $_GET['yield']; | 54 $sql .= "', yield='" . $_GET['yield']; |
| 52 $sql .= "', color='" . ebc_to_srm($_GET['color']); | 55 $sql .= "', color='" . $_GET['color']; |
| 53 ($_GET['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0"; | 56 ($_GET['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0"; |
| 54 $sql .= "', origin='" . mysqli_real_escape_string($connect, $_GET['origin']); | 57 $sql .= "', origin='" . mysqli_real_escape_string($connect, $_GET['origin']); |
| 55 $sql .= "', supplier='" . mysqli_real_escape_string($connect, $_GET['supplier']); | 58 $sql .= "', supplier='" . mysqli_real_escape_string($connect, $_GET['supplier']); |
| 56 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); | 59 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); |
| 57 $sql .= "', coarse_fine_diff='" . $_GET['coarse_fine_diff']; | 60 $sql .= "', coarse_fine_diff='" . $_GET['coarse_fine_diff']; |
| 67 $sql .= "', graintype='" . mysqli_real_escape_string($connect, $_GET['graintype']); | 70 $sql .= "', graintype='" . mysqli_real_escape_string($connect, $_GET['graintype']); |
| 68 $sql .= "', inventory='" . $_GET['inventory']; | 71 $sql .= "', inventory='" . $_GET['inventory']; |
| 69 $sql .= "', cost='" . $_GET['cost']; | 72 $sql .= "', cost='" . $_GET['cost']; |
| 70 $sql .= "', production_date='" . $_GET['production_date']; | 73 $sql .= "', production_date='" . $_GET['production_date']; |
| 71 $sql .= "', tht_date='" . $_GET['tht_date']; | 74 $sql .= "', tht_date='" . $_GET['tht_date']; |
| 72 $sql .= "', supplier_rec='" . $_GET['supplier_rec']; | 75 //$sql .= "', supplier_rec='" . $_GET['supplier_rec']; |
| 73 $sql .= "' WHERE record='" . $_GET['record'] . "';"; | 76 $sql .= "' WHERE record='" . $_GET['record'] . "';"; |
| 74 error_log("\"$sql\""); | 77 $result = mysqli_query($connect, $sql); |
| 75 $result = mysqli_query($connect, $sql) or die("SQL Error 1: " . mysqli_error($connect)); | 78 if (! $result) { |
| 76 error_log("result " . $result); | 79 syslog(LOG_NOTICE, "db_inventory_fermentables: ".$sql." result: ".mysqli_error($connect)); |
| 80 } else { | |
| 81 syslog(LOG_NOTICE, "db_inventory_fermentables: updated record ".$_GET['record']); | |
| 82 } | |
| 77 echo $result; | 83 echo $result; |
| 78 | 84 |
| 79 } else if (isset($_GET['delete'])) { | 85 } else if (isset($_GET['delete'])) { |
| 80 // DELETE COMMAND | 86 // DELETE COMMAND |
| 81 $sql = "DELETE FROM `inventory_fermentables` WHERE record='".$_GET['record']."';"; | 87 $sql = "DELETE FROM `inventory_fermentables` WHERE record='".$_GET['record']."';"; |
| 82 error_log("\"$sql\""); | 88 $result = mysqli_query($connect, $sql); |
| 83 $result = mysqli_query($connect, $sql) or die("SQL Error 1: " . mysqli_error($connect)); | 89 if (! $result) { |
| 84 error_log("result " . $result); | 90 syslog(LOG_NOTICE, "db_inventory_fermentables: ".$sql." result: ".mysqli_error($connect)); |
| 91 } else { | |
| 92 syslog(LOG_NOTICE, "db_inventory_fermentables: deleted record ".$_GET['record']); | |
| 93 } | |
| 85 echo $result; | 94 echo $result; |
| 86 | 95 |
| 87 } else { | 96 } else { |
| 88 // SELECT COMMAND | 97 // SELECT COMMAND |
| 89 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); | 98 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); |
