bms: comparison www/includes/db

-:7f41b61c3faf
+:601920b902e5
 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
 $rescapers = array("'");
 $rreplacements = array("\\'");
 $disallowed = array('visibleindex','uniqueid','boundindex','uid');
-// get data and store in a json array
-$query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name";
 if (isset($_POST['insert']) || isset($_POST['update'])) {
 	if (isset($_POST['insert'])) {
 		// INSERT COMMAND
 		$sql  = "INSERT INTO `recipes` SET ";
 	}
 		syslog(LOG_NOTICE, "db_recipes: deleted record ".$_POST['record']);
 	}
 	echo $result;
 } else {
-	// SELECT COMMAND
+	/*
+	 * Select all or a given record.
+	 */
+	if (isset($_GET['record'])) {
+		$query = "SELECT * FROM recipes WHERE record='" . $_GET['record'] . "';";
+	} else {
+		$query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name";
+	}
 	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
 	$recipes = '[';
 	$comma = FALSE;
 	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
 		// Manual encode to JSON.

comparison: www/includes/db_recipes.php