16 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); |
13 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); |
17 $disallowed = array('visibleindex','uniqueid','boundindex','uid'); |
14 $disallowed = array('visibleindex','uniqueid','boundindex','uid'); |
18 |
15 |
19 // get data and store in a json array |
16 // get data and store in a json array |
20 $query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name"; |
17 $query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name"; |
21 if (isset($_GET['insert']) || isset($_GET['update'])) { |
18 if (isset($_POST['insert']) || isset($_POST['update'])) { |
22 if (isset($_GET['insert'])) { |
19 if (isset($_POST['insert'])) { |
23 // INSERT COMMAND |
20 // INSERT COMMAND |
24 $sql = "INSERT INTO `recipes` SET st_name='" . mysqli_real_escape_string($connect, $_GET['st_name']); |
21 $sql = "INSERT INTO `recipes` SET "; |
25 } |
22 } |
26 if (isset($_GET['update'])) { |
23 if (isset($_POST['update'])) { |
27 // UPDATE COMMAND |
24 // UPDATE COMMAND |
28 $sql = "UPDATE `recipes` SET st_name='" . mysqli_real_escape_string($connect, $_GET['st_name']); |
25 $sql = "UPDATE `recipes` SET "; |
29 } |
26 } |
30 $sql .= "', st_letter='" . mysqli_real_escape_string($connect, $_GET['st_letter']); |
27 // Basic settings |
31 $sql .= "', st_guide='" . mysqli_real_escape_string($connect, $_GET['st_guide']); |
28 $sql .= "st_name='" . mysqli_real_escape_string($connect, $_POST['st_name']); |
32 $sql .= "', st_og_min='" . $_GET['st_og_min']; |
29 $sql .= "', st_letter='" . mysqli_real_escape_string($connect, $_POST['st_letter']); |
33 $sql .= "', st_og_max='" . $_GET['st_og_max']; |
30 $sql .= "', st_guide='" . mysqli_real_escape_string($connect, $_POST['st_guide']); |
34 $sql .= "', st_fg_min='" . $_GET['st_fg_min']; |
31 $sql .= "', st_og_min='" . $_POST['st_og_min']; |
35 $sql .= "', st_fg_max='" . $_GET['st_fg_max']; |
32 $sql .= "', st_og_max='" . $_POST['st_og_max']; |
36 $sql .= "', st_ibu_min='" . $_GET['st_ibu_min']; |
33 $sql .= "', st_fg_min='" . $_POST['st_fg_min']; |
37 $sql .= "', st_ibu_max='" . $_GET['st_ibu_max']; |
34 $sql .= "', st_fg_max='" . $_POST['st_fg_max']; |
38 $sql .= "', st_color_min='" . $_GET['st_color_min']; |
35 $sql .= "', st_ibu_min='" . $_POST['st_ibu_min']; |
39 $sql .= "', st_color_max='" . $_GET['st_color_max']; |
36 $sql .= "', st_ibu_max='" . $_POST['st_ibu_max']; |
40 $sql .= "', st_carb_min='" . $_GET['st_carb_min']; |
37 $sql .= "', st_color_min='" . $_POST['st_color_min']; |
41 $sql .= "', st_carb_max='" . $_GET['st_carb_max']; |
38 $sql .= "', st_color_max='" . $_POST['st_color_max']; |
42 $sql .= "', st_abv_min='" . $_GET['st_abv_min']; |
39 $sql .= "', st_carb_min='" . $_POST['st_carb_min']; |
43 $sql .= "', st_abv_max='" . $_GET['st_abv_max']; |
40 $sql .= "', st_carb_max='" . $_POST['st_carb_max']; |
44 $sql .= "', name='" . mysqli_real_escape_string($connect, $_GET['name']); |
41 $sql .= "', st_abv_min='" . $_POST['st_abv_min']; |
45 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); |
42 $sql .= "', st_abv_max='" . $_POST['st_abv_max']; |
46 $sql .= "', type='" . $_GET['type']; |
43 $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']); |
47 $sql .= "', batch_size='" . $_GET['batch_size']; |
44 $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); |
48 $sql .= "', boil_time='" . $_GET['boil_time']; |
45 $sql .= "', type='" . $_POST['type']; |
49 $sql .= "', efficiency='" . $_GET['efficiency']; |
46 $sql .= "', batch_size='" . $_POST['batch_size']; |
50 $sql .= "', est_og='" . $_GET['est_og']; |
47 $sql .= "', boil_time='" . $_POST['boil_time']; |
51 $sql .= "', est_fg='" . $_GET['est_fg']; |
48 $sql .= "', efficiency='" . $_POST['efficiency']; |
52 $sql .= "', est_color='" . $_GET['est_color']; |
49 $sql .= "', est_og='" . $_POST['est_og']; |
53 $sql .= "', color_method='" . $_GET['color_method']; |
50 $sql .= "', est_fg='" . $_POST['est_fg']; |
54 $sql .= "', est_ibu='" . $_GET['est_ibu']; |
51 $sql .= "', est_color='" . $_POST['est_color']; |
55 $sql .= "', ibu_method='" . $_GET['ibu_method']; |
52 $sql .= "', color_method='" . $_POST['color_method']; |
56 $sql .= "', mash_sparge_temp='" . $_GET['mash_sparge_temp']; |
53 $sql .= "', est_ibu='" . $_POST['est_ibu']; |
57 $sql .= "', mash_ph='" . $_GET['mash_ph']; |
54 $sql .= "', ibu_method='" . $_POST['ibu_method']; |
58 $sql .= "', mash_name='" . $_GET['mash_name']; |
55 $sql .= "', mash_sparge_temp='" . $_POST['mash_sparge_temp']; |
59 |
56 $sql .= "', mash_ph='" . $_POST['mash_ph']; |
60 syslog(LOG_NOTICE, $sql); // Log upto this part. |
57 $sql .= "', mash_name='" . $_POST['mash_name']; |
61 |
58 syslog(LOG_NOTICE, $sql); |
62 $array = $_GET['fermentables']; |
59 |
63 foreach($array as $key => $item){ |
60 if (isset($_POST['fermentables'])) { |
64 foreach ($disallowed as $disallowed_key) { |
61 $array = $_POST['fermentables']; |
65 unset($array[$key]["$disallowed_key"]); |
62 foreach($array as $key => $item){ |
66 } |
63 foreach ($disallowed as $disallowed_key) { |
67 } |
64 unset($array[$key]["$disallowed_key"]); |
68 syslog(LOG_NOTICE, "json_fermentables: " . json_encode($array)); |
65 } |
69 $sql .= "', json_fermentables='" . json_encode($array); |
66 } |
70 |
67 syslog(LOG_NOTICE, "json_fermentables=: ".json_encode($array)); |
71 $array = $_GET['waters']; |
68 $sql .= "', json_fermentables='" . json_encode($array); |
72 foreach($array as $key => $item){ |
69 } |
73 foreach ($disallowed as $disallowed_key) { |
70 |
74 unset($array[$key]["$disallowed_key"]); |
71 if (isset($_POST['hops'])) { |
75 } |
72 $array = $_POST['hops']; |
76 } |
73 foreach($array as $key => $item){ |
77 syslog(LOG_NOTICE, "json_waters: " . json_encode($array)); |
74 foreach ($disallowed as $disallowed_key) { |
78 $sql .= "', json_waters='" . json_encode($array); |
75 unset($array[$key]["$disallowed_key"]); |
79 |
76 } |
80 if (isset($_GET['insert'])) { |
77 } |
|
78 syslog(LOG_NOTICE, "json_hops: ".json_encode($array)); |
|
79 $sql .= "', json_hops='" . json_encode($array); |
|
80 } |
|
81 |
|
82 if (isset($_POST['miscs'])) { |
|
83 $array = $_POST['miscs']; |
|
84 foreach($array as $key => $item){ |
|
85 foreach ($disallowed as $disallowed_key) { |
|
86 unset($array[$key]["$disallowed_key"]); |
|
87 } |
|
88 } |
|
89 syslog(LOG_NOTICE, "json_miscs: ".json_encode($array)); |
|
90 $sql .= "', json_miscs='" . json_encode($array); |
|
91 } |
|
92 |
|
93 if (isset($_POST['yeasts'])) { |
|
94 $array = $_POST['yeasts']; |
|
95 foreach($array as $key => $item){ |
|
96 foreach ($disallowed as $disallowed_key) { |
|
97 unset($array[$key]["$disallowed_key"]); |
|
98 } |
|
99 } |
|
100 syslog(LOG_NOTICE, "json_yeasts: ".json_encode($array)); |
|
101 $sql .= "', json_yeasts='" . json_encode($array); |
|
102 } |
|
103 |
|
104 if (isset($_POST['waters'])) { |
|
105 $array = $_POST['waters']; |
|
106 foreach($array as $key => $item){ |
|
107 foreach ($disallowed as $disallowed_key) { |
|
108 unset($array[$key]["$disallowed_key"]); |
|
109 } |
|
110 } |
|
111 syslog(LOG_NOTICE, "json_waters: ".json_encode($array)); |
|
112 $sql .= "', json_waters='" . json_encode($array); |
|
113 } |
|
114 |
|
115 if (isset($_POST['mashs'])) { |
|
116 $array = $_POST['mashs']; |
|
117 foreach($array as $key => $item){ |
|
118 foreach ($disallowed as $disallowed_key) { |
|
119 unset($array[$key]["$disallowed_key"]); |
|
120 } |
|
121 } |
|
122 syslog(LOG_NOTICE, "json_mashs: ".json_encode($array)); |
|
123 $sql .= "', json_mashs='" . json_encode($array); |
|
124 } |
|
125 |
|
126 if (isset($_POST['insert'])) { |
81 $sql .= "';"; |
127 $sql .= "';"; |
82 } |
128 } |
83 if (isset($_GET['update'])) { |
129 if (isset($_POST['update'])) { |
84 $sql .= "' WHERE record='" . $_GET['record'] . "';"; |
130 $sql .= "' WHERE record='" . $_POST['record'] . "';"; |
85 } |
131 } |
86 // $result = mysqli_query($connect, $sql); |
132 |
87 // if (! $result) { |
|
88 // syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); |
|
89 // } else { |
|
90 // syslog(LOG_NOTICE, "db_recipes: inserted ".$_GET['name']); |
|
91 // } |
|
92 // echo $result; |
|
93 |
|
94 } else if (isset($_GET['delete'])) { |
|
95 // DELETE COMMAND |
|
96 $sql = "DELETE FROM `recipes` WHERE record='".$_GET['record']."';"; |
|
97 $result = mysqli_query($connect, $sql); |
133 $result = mysqli_query($connect, $sql); |
98 if (! $result) { |
134 if (! $result) { |
99 syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); |
135 syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); |
100 } else { |
136 } else { |
101 syslog(LOG_NOTICE, "db_recipes: deleted record ".$_GET['record']); |
137 if (isset($_POST['update'])) { |
|
138 syslog(LOG_NOTICE, "db_recipes: updated record ".$_POST['record']); |
|
139 } else { |
|
140 syslog(LOG_NOTICE, "db_recipes: inserted ".$_POST['name']); |
|
141 } |
|
142 } |
|
143 echo $result; |
|
144 |
|
145 } else if (isset($_POST['delete'])) { |
|
146 // DELETE COMMAND |
|
147 $sql = "DELETE FROM `recipes` WHERE record='".$_POST['record']."';"; |
|
148 $result = mysqli_query($connect, $sql); |
|
149 if (! $result) { |
|
150 syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect)); |
|
151 } else { |
|
152 syslog(LOG_NOTICE, "db_recipes: deleted record ".$_POST['record']); |
102 } |
153 } |
103 echo $result; |
154 echo $result; |
104 |
155 |
105 } else { |
156 } else { |
106 // SELECT COMMAND |
157 // SELECT COMMAND |