www/includes/db_inventory_mash_profiles.php

changeset 45
95251bedfab4
parent 44
6fea20eead56
child 46
ff9be9dbcac0
equal deleted inserted replaced
44:6fea20eead56 45:95251bedfab4
1 <?php
2
3 require($_SERVER['DOCUMENT_ROOT']."/config.php");
4 require($_SERVER['DOCUMENT_ROOT']."/version.php");
5
6 #Connect to the database
7 $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
8 if (! $connect) {
9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
10 }
11
12 // get data and store in a json array
13 $query = "SELECT * FROM inventory_mash_profiles ORDER BY name";
14 if (isset($_GET['insert'])) {
15 // INSERT COMMAND
16 $sql = "INSERT INTO `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
17 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
18 $sql .= "', steps='" . json_encode($_GET['steps']);
19 $sql .= "';";
20 $result = mysqli_query($connect, $sql);
21 if (! $result) {
22 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect));
23 } else {
24 syslog(LOG_NOTICE, "db_inventory_mash_profiles: inserted ".$_GET['name']);
25 }
26 echo $result;
27
28 } else if (isset($_GET['update'])) {
29 // UPDATE COMMAND
30 $sql = "UPDATE `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
31 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
32 $sql .= "', steps='" . json_encode($_GET['steps']);
33 $sql .= "' WHERE record='" . $_GET['record'] . "';";
34 $result = mysqli_query($connect, $sql);
35 if (! $result) {
36 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect));
37 } else {
38 syslog(LOG_NOTICE, "db_inventory_mash_profiles: updated record ".$_GET['record']);
39 }
40 echo $result;
41
42 } else if (isset($_GET['delete'])) {
43 // DELETE COMMAND
44 $sql = "DELETE FROM `inventory_mash_profiles` WHERE record='".$_GET['record']."';";
45 $result = mysqli_query($connect, $sql);
46 if (! $result) {
47 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect));
48 } else {
49 syslog(LOG_NOTICE, "db_inventory_mash_profiles: deleted record ".$_GET['record']);
50 }
51 echo $result;
52
53 } else {
54 // SELECT COMMAND
55 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
56 $mashprofiles = '[';
57 $comma = FALSE;
58 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
59 // Manual encode to JSON.
60 if ($comma) {
61 $mashprofiles .= ',';
62 }
63 $comma = TRUE;
64 $mashprofiles .= '{"record":' . $row['record'];
65 $mashprofiles .= ',"name":"' . $row['name'];
66 $mashprofiles .= '","notes":"' . $row['notes'];
67 $mashprofiles .= '","steps":' . $row['steps'];
68 $mashprofiles .= '}';
69 }
70 $mashprofiles .= ']';
71 header("Content-type: application/json");
72 echo $mashprofiles;
73 }
74 ?>

mercurial