comparison: www/includes/db_product.php
www/includes/db_product.php
- changeset 114
- 4935e86b2775
- parent 112
- 7ef48396f705
- child 115
- ad31f4bd4036
equal
deleted
inserted
replaced
| 113:982c9ae73e12 | 114:4935e86b2775 |
|---|---|
| 8 if (! $connect) { | 8 if (! $connect) { |
| 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); | 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); |
| 10 } | 10 } |
| 11 mysqli_set_charset($connect, "utf8" ); | 11 mysqli_set_charset($connect, "utf8" ); |
| 12 | 12 |
| 13 syslog(LOG_NOTICE, "db_product: start"); | |
| 14 | |
| 15 $escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c"); | |
| 16 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); | |
| 17 $rescapers = array("'"); | |
| 18 $rreplacements = array("\\'"); | |
| 19 $disallowed = array('visibleindex','uniqueid','boundindex','uid'); | |
| 20 | |
| 21 | 13 |
| 22 if (isset($_POST['insert']) || isset($_POST['update'])) { | 14 if (isset($_POST['insert']) || isset($_POST['update'])) { |
| 23 if (isset($_POST['insert'])) { | 15 if (isset($_POST['insert'])) { |
| 24 // INSERT COMMAND | |
| 25 $sql = "INSERT INTO `prod_main` SET "; | 16 $sql = "INSERT INTO `prod_main` SET "; |
| 26 } | 17 } |
| 27 if (isset($_POST['update'])) { | 18 if (isset($_POST['update'])) { |
| 28 // UPDATE COMMAND | |
| 29 $sql = "UPDATE `prod_main` SET "; | 19 $sql = "UPDATE `prod_main` SET "; |
| 30 } | 20 } |
| 31 // Basic settings | 21 // Basic settings |
| 32 $sql .= "uuid='" . $_POST['uuid']; | 22 $sql .= "uuid='" . $_POST['uuid']; |
| 33 $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']); | 23 $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']); |
| 42 $sql .= "', eq_name='" . mysqli_real_escape_string($connect, $_POST['eq_name']); | 32 $sql .= "', eq_name='" . mysqli_real_escape_string($connect, $_POST['eq_name']); |
| 43 $sql .= "', eq_boil_size='" . $_POST['eq_boil_size']; | 33 $sql .= "', eq_boil_size='" . $_POST['eq_boil_size']; |
| 44 $sql .= "', eq_batch_size='" . $_POST['eq_batch_size']; | 34 $sql .= "', eq_batch_size='" . $_POST['eq_batch_size']; |
| 45 $sql .= "', eq_tun_volume='" . $_POST['eq_tun_volume']; | 35 $sql .= "', eq_tun_volume='" . $_POST['eq_tun_volume']; |
| 46 $sql .= "', eq_tun_weight='" . $_POST['eq_tun_weight']; | 36 $sql .= "', eq_tun_weight='" . $_POST['eq_tun_weight']; |
| 47 $sql .= "', eq_tun_specific_heat='" . $_POST['eq_tun_specific_heat']; | 37 $material = mysqli_real_escape_string($connect, $_GET['tun_material']); |
| 48 $sql .= "', eq_tun_material='" . $_POST['eq_tun_material']; | 38 $sql .= "', eq_tun_material='" . $material; |
| 39 if ($material == "RVS") { | |
| 40 $sql .= "', eq_tun_specific_heat='0.11"; | |
| 41 } else if ($material == "Aluminium") { | |
| 42 $sql .= "', eq_tun_specific_heat='0.22"; | |
| 43 } else if ($material == "Kunststof") { | |
| 44 $sql .= "', eq_tun_specific_heat='0.46"; | |
| 45 } else if ($material == "Koper") { | |
| 46 $sql .= "', eq_tun_specific_heat='0.092"; | |
| 47 } | |
| 49 $sql .= "', eq_tun_height='" . $_POST['eq_tun_height']; | 48 $sql .= "', eq_tun_height='" . $_POST['eq_tun_height']; |
| 50 $sql .= "', eq_top_up_water='" . $_POST['eq_top_up_water']; | 49 $sql .= "', eq_top_up_water='" . $_POST['eq_top_up_water']; |
| 51 $sql .= "', eq_trub_chiller_loss='" . $_POST['eq_trub_chiller_loss']; | 50 $sql .= "', eq_trub_chiller_loss='" . $_POST['eq_trub_chiller_loss']; |
| 52 $sql .= "', eq_evap_rate='" . $_POST['eq_evap_rate']; | 51 $sql .= "', eq_evap_rate='" . $_POST['eq_evap_rate']; |
| 53 $sql .= "', eq_boil_time='" . $_POST['eq_boil_time']; | 52 $sql .= "', eq_boil_time='" . $_POST['eq_boil_time']; |
| 103 // } | 102 // } |
| 104 // SELECT COMMAND | 103 // SELECT COMMAND |
| 105 if (isset($_GET['select']) && ($_GET['select'] == "inprod")) { | 104 if (isset($_GET['select']) && ($_GET['select'] == "inprod")) { |
| 106 $query = "SELECT record,name,code,birth,stage FROM prod_main WHERE stage != 'Closed' ORDER BY birth,code;"; | 105 $query = "SELECT record,name,code,birth,stage FROM prod_main WHERE stage != 'Closed' ORDER BY birth,code;"; |
| 107 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); | 106 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); |
| 108 $brews = '['; | |
| 109 $comma = FALSE; | |
| 110 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { | 107 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { |
| 111 // Manual encode to JSON. | 108 $brews[] = array( |
| 112 if ($comma) | 109 'record' => $row['record'], |
| 113 $brews .= ','; | 110 'name' => $row['name'], |
| 114 $comma = TRUE; | 111 'code' => $row['code'], |
| 115 $brews .= '{"record":' . $row['record']; | 112 'birth' => $row['birth'], |
| 116 $brews .= ',"name":"' . str_replace($escapers, $replacements, $row['name']); | 113 'stage' => $row['stage'] |
| 117 $brews .= '","code":"' . str_replace($escapers, $replacements, $row['code']); | 114 ); |
| 118 $brews .= '","birth":"' . str_replace($escapers, $replacements, $row['birth']); | |
| 119 $brews .= '","stage":"' . str_replace($escapers, $replacements, $row['stage']); | |
| 120 $brews .= '"}'; | |
| 121 } | 115 } |
| 122 $brews .= ']'; | 116 echo json_encode($brews); |
| 123 header("Content-type: application/json"); | |
| 124 echo $brews; | |
| 125 return; | 117 return; |
| 126 } | 118 } |
| 127 | 119 |
| 128 /* | 120 /* |
| 129 * Default, select all | 121 * Default, select all |
