Mercurial > bms / file comparison

comparison: www/includes/db_inventory_mash_profiles.php

www/includes/db_inventory_mash_profiles.php

changeset 38
b7d44c98d609
parent 25
d9da6c40dff5
equal deleted inserted replaced
37:9362eb9e9e5b 38:b7d44c98d609
8 if (! $connect) { 8 if (! $connect) {
9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); 9 die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
10 } 10 }
11 11
12 // get data and store in a json array 12 // get data and store in a json array
13 $query = "SELECT * FROM inventory_mash_profiles"; 13 $query = "SELECT * FROM inventory_mash_profiles ORDER BY name";
14 if (isset($_GET['insert'])) { 14 if (isset($_GET['insert'])) {
15 // INSERT COMMAND 15 // INSERT COMMAND
16 $sql = "INSERT INTO `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); 16 $sql = "INSERT INTO `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
17 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); 17 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
18 $sql .= "', steps='" . mysqli_real_escape_string($connect, $_GET['steos']); 18 $sql .= "', steps='" . json_encode($_GET['steps']);
19 $sql .= "';"; 19 $sql .= "';";
20 $result = mysqli_query($connect, $sql); 20 $result = mysqli_query($connect, $sql);
21 if (! $result) { 21 if (! $result) {
22 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); 22 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect));
23 } else { 23 } else {
27 27
28 } else if (isset($_GET['update'])) { 28 } else if (isset($_GET['update'])) {
29 // UPDATE COMMAND 29 // UPDATE COMMAND
30 $sql = "UPDATE `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); 30 $sql = "UPDATE `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
31 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); 31 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
32 $sql .= "', steps='" . mysqli_real_escape_string($connect, $_GET['steos']); 32 $sql .= "', steps='" . json_encode($_GET['steps']);
33 $sql .= "' WHERE record='" . $_GET['record'] . "';"; 33 $sql .= "' WHERE record='" . $_GET['record'] . "';";
34 $result = mysqli_query($connect, $sql); 34 $result = mysqli_query($connect, $sql);
35 if (! $result) { 35 if (! $result) {
36 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); 36 syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect));
37 } else { 37 } else {
51 echo $result; 51 echo $result;
52 52
53 } else { 53 } else {
54 // SELECT COMMAND 54 // SELECT COMMAND
55 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); 55 $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
56 $mashprofiles = '[';
57 $comma = FALSE;
56 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { 58 while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
57 $suppliers[] = array( 59 // Manual encode to JSON.
58 'record' => $row['record'], 60 if ($comma) {
59 'name' => $row['name'], 61 $mashprofiles .= ',';
60 'notes' => $row['notes'], 62 }
61 'steps' => $row['steps'] 63 $comma = TRUE;
62 ); 64 $mashprofiles .= '{"record":' . $row['record'];
65 $mashprofiles .= ',"name":"' . $row['name'];
66 $mashprofiles .= '","notes":"' . $row['notes'];
67 $mashprofiles .= '","steps":' . $row['steps'];
68 $mashprofiles .= '}';
63 } 69 }
64 echo json_encode($suppliers); 70 $mashprofiles .= ']';
71 header("Content-type: application/json");
72 echo $mashprofiles;
65 } 73 }
66 ?> 74 ?>

Mercurial Repository: bms

mercurial