www/includes/db_inventory_fermentables.php

changeset 195
2ac491548d8d
parent 77
a9f8de2d7b2b
child 296
69fadd1aded2
--- a/www/includes/db_inventory_fermentables.php	Mon Jan 21 20:45:18 2019 +0100
+++ b/www/includes/db_inventory_fermentables.php	Tue Jan 22 20:27:45 2019 +0100
@@ -12,90 +12,79 @@
 mysqli_set_charset($connect, "utf8" );
 
 // get data and store in a json array
-$query = "SELECT * FROM inventory_fermentables ORDER BY supplier,name";
-if (isset($_GET['insert'])) {
-	// INSERT COMMAND
-	$sql  = "INSERT INTO `inventory_fermentables` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
-	$sql .= "', type='" . $_GET['type'];
-	$sql .= "', yield='" . $_GET['yield'];
-	$sql .= "', color='" . $_GET['color'];
-	($_GET['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0";
-	$sql .= "', origin='" . mysqli_real_escape_string($connect, $_GET['origin']);
-	$sql .= "', supplier='" . mysqli_real_escape_string($connect, $_GET['supplier']);
-	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
-	$sql .= "', coarse_fine_diff='" . $_GET['coarse_fine_diff'];
-	$sql .= "', moisture='" . $_GET['moisture'];
-	$sql .= "', diastatic_power='" . $_GET['diastatic_power'];
-	$sql .= "', protein='" . $_GET['protein'];
-	$sql .= "', max_in_batch='" . $_GET['max_in_batch'];
-	($_GET['recommend_mash'] == 'true') ? $sql .= "', recommend_mash='1" : $sql .= "', recommend_mash='0";
-	$sql .= "', ibu_gal_per_lb='" . $_GET['ibu_gal_per_lb'];
-	($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0";
-	$sql .= "', di_ph='" . $_GET['di_ph'];
-	$sql .= "', acid_to_ph_57='" . $_GET['acid_to_ph_57'];
-	$sql .= "', graintype='" . mysqli_real_escape_string($connect, $_GET['graintype']);
-	$sql .= "', inventory='" . $_GET['inventory'];
-	$sql .= "', cost='" . $_GET['cost'];
-	$sql .= "', production_date='" . $_GET['production_date'];
-	$sql .= "', tht_date='" . $_GET['tht_date'];
-	//$sql .= "', supplier_rec='" . $_GET['supplier_rec'];
-	$sql .= "';";
+if (isset($_POST['insert']) || isset($_POST['update'])) {
+	if (isset($_POST['insert'])) {
+		$sql  = "INSERT INTO `inventory_fermentables` SET ";
+	}
+	if (isset($_POST['update'])) {
+		$sql  = "UPDATE `inventory_fermentables` SET ";
+	}
+
+	$sql .= "name='" . mysqli_real_escape_string($connect, $_POST['name']);
+	$sql .= "', type='" . $_POST['type'];
+	$sql .= "', yield='" . $_POST['yield'];
+	$sql .= "', color='" . $_POST['color'];
+	($_POST['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0";
+	$sql .= "', origin='" . mysqli_real_escape_string($connect, $_POST['origin']);
+	$sql .= "', supplier='" . mysqli_real_escape_string($connect, $_POST['supplier']);
+	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
+	$sql .= "', coarse_fine_diff='" . $_POST['coarse_fine_diff'];
+	$sql .= "', moisture='" . $_POST['moisture'];
+	$sql .= "', diastatic_power='" . $_POST['diastatic_power'];
+	$sql .= "', protein='" . $_POST['protein'];
+	$sql .= "', dissolved_protein='" . $_POST['dissolved_protein'];
+	$sql .= "', max_in_batch='" . $_POST['max_in_batch'];
+	($_POST['recommend_mash'] == 'true') ? $sql .= "', recommend_mash='1" : $sql .= "', recommend_mash='0";
+	$sql .= "', added='" . $_POST['added'];
+	($_POST['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0";
+	$sql .= "', di_ph='" . $_POST['di_ph'];
+	$sql .= "', acid_to_ph_57='" . $_POST['acid_to_ph_57'];
+	$sql .= "', graintype='" . $_POST['graintype'];
+	$sql .= "', inventory='" . $_POST['inventory'];
+	$sql .= "', cost='" . $_POST['cost'] . "'";
+	if ($_POST['production_date'] == '')
+		$sql .= ", production_date=NULL";
+	else
+		$sql .= ", production_date='" . $_POST['production_date'] . "'";
+	if ($_POST['tht_date'] == '')
+		$sql .= ", tht_date=NULL";
+	else
+		$sql .= ", tht_date='" . $_POST['tht_date'] . "'";
+	if (isset($_POST['insert'])) {
+		$sql .= ";";
+	}
+	if (isset($_POST['update'])) {
+		$sql .= " WHERE record='" . $_POST['record'] . "';";
+	}
+	syslog(LOG_NOTICE, $sql);
+
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_inventory_fermentables: ".$sql." result: ".mysqli_error($connect));
 	} else {
-		syslog(LOG_NOTICE, "db_inventory_fermentables: inserted ".$_GET['name']);
+		if (isset($_POST['update'])) {
+			syslog(LOG_NOTICE, "db_inventory_fermentables: updated record ".$_POST['record']);
+		} else {
+			$lastid = mysqli_insert_id($connect);
+			syslog(LOG_NOTICE, "db_inventory_fermentables: inserted record ".$lastid);
+		}
 	}
 	echo $result;
 
-} else if (isset($_GET['update'])) {
-	// UPDATE COMMAND
-	$sql  = "UPDATE `inventory_fermentables` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
-	$sql .= "', type='" . $_GET['type'];
-	$sql .= "', yield='" . $_GET['yield'];
-	$sql .= "', color='" . $_GET['color'];
-	($_GET['add_after_boil'] == 'true') ? $sql .= "', add_after_boil='1" : $sql .= "', add_after_boil='0";
-	$sql .= "', origin='" . mysqli_real_escape_string($connect, $_GET['origin']);
-	$sql .= "', supplier='" . mysqli_real_escape_string($connect, $_GET['supplier']);
-	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
-	$sql .= "', coarse_fine_diff='" . $_GET['coarse_fine_diff'];
-	$sql .= "', moisture='" . $_GET['moisture'];
-	$sql .= "', diastatic_power='" . $_GET['diastatic_power'];
-	$sql .= "', protein='" . $_GET['protein'];
-	$sql .= "', max_in_batch='" . $_GET['max_in_batch'];
-	($_GET['recommend_mash'] == 'true') ? $sql .= "', recommend_mash='1" : $sql .= "', recommend_mash='0";
-	$sql .= "', ibu_gal_per_lb='" . $_GET['ibu_gal_per_lb'];
-	($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0";
-	$sql .= "', di_ph='" . $_GET['di_ph'];
-	$sql .= "', acid_to_ph_57='" . $_GET['acid_to_ph_57'];
-	$sql .= "', graintype='" . mysqli_real_escape_string($connect, $_GET['graintype']);
-	$sql .= "', inventory='" . $_GET['inventory'];
-	$sql .= "', cost='" . $_GET['cost'];
-	$sql .= "', production_date='" . $_GET['production_date'];
-	$sql .= "', tht_date='" . $_GET['tht_date'];
-	//$sql .= "', supplier_rec='" . $_GET['supplier_rec'];
-	$sql .= "' WHERE record='" . $_GET['record'] . "';";
+} else if (isset($_POST['delete'])) {
+	// DELETE COMMAND
+	$sql = "DELETE FROM `inventory_fermentables` WHERE record='".$_POST['record']."';";
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_inventory_fermentables: ".$sql." result: ".mysqli_error($connect));
 	} else {
-		syslog(LOG_NOTICE, "db_inventory_fermentables: updated record ".$_GET['record']);
-	}
-	echo $result;
-
-} else if (isset($_GET['delete'])) {
-	// DELETE COMMAND
-	$sql = "DELETE FROM `inventory_fermentables` WHERE record='".$_GET['record']."';";
-	$result = mysqli_query($connect, $sql);
-	if (! $result) {
-		syslog(LOG_NOTICE, "db_inventory_fermentables: ".$sql." result: ".mysqli_error($connect));
-	} else {
-		syslog(LOG_NOTICE, "db_inventory_fermentables: deleted record ".$_GET['record']);
+		syslog(LOG_NOTICE, "db_inventory_fermentables: deleted record ".$_POST['record']);
 	}
 	echo $result;
 
 } else {
 	// SELECT COMMAND
+	$query = "SELECT * FROM inventory_fermentables ORDER BY supplier,name";
 	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
 	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
 		$fermentables[] = array(
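Review bot: Most `$_POST` values concatenated into `$sql` in the combined insert/update branch (`type`, `yield`, `color`, the numeric and date fields, and `record` in the `WHERE` clause) reach `mysqli_query()` without escaping or binding, and this commit also drops the `mysqli_real_escape_string()` call the old code applied to `graintype`. `record` in the DELETE branch is concatenated the same way. Binding every value through `mysqli_prepare()`, as sketched below, closes the SQL injection path for all fields at once and makes per-field escaping unnecessary. The added `syslog(LOG_NOTICE, $sql);` writes each full statement, including the free-text notes, to the system log; logging only the record id, as the success branches already do, would be enough. The `if`/`else` chain continues past the end of the hunk.

```php
// … unchanged: connection setup and charset …
if (isset($_POST['insert']) || isset($_POST['update'])) {
	$columns = array('name', 'type', 'yield', 'color', 'origin', 'supplier', 'notes',
		'coarse_fine_diff', 'moisture', 'diastatic_power', 'protein', 'dissolved_protein',
		'max_in_batch', 'added', 'di_ph', 'acid_to_ph_57', 'graintype', 'inventory', 'cost');
	$assign = array();
	$values = array();
	foreach ($columns as $col) {
		$assign[] = "`" . $col . "`=?";
		$values[] = $_POST[$col];
	}
	foreach (array('add_after_boil', 'recommend_mash', 'always_on_stock') as $flag) {
		$assign[] = "`" . $flag . "`=?";
		$values[] = ($_POST[$flag] == 'true') ? 1 : 0;
	}
	foreach (array('production_date', 'tht_date') as $date) {
		$assign[] = "`" . $date . "`=?";
		$values[] = ($_POST[$date] == '') ? null : $_POST[$date];	// null binds as SQL NULL
	}
	$sql = (isset($_POST['update']) ? "UPDATE" : "INSERT INTO") . " `inventory_fermentables` SET " . implode(', ', $assign);
	if (isset($_POST['update'])) {
		$sql .= " WHERE record=?";
		$values[] = $_POST['record'];
	}
	$stmt = mysqli_prepare($connect, $sql);
	$result = false;
	if ($stmt) {
		mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
		$result = mysqli_stmt_execute($stmt);
	}
	// … unchanged: error / success syslog and echo $result …
} else if (isset($_POST['delete'])) {
	$stmt = mysqli_prepare($connect, "DELETE FROM `inventory_fermentables` WHERE record=?");
	$result = false;
	if ($stmt) {
		mysqli_stmt_bind_param($stmt, 's', $_POST['record']);
		$result = mysqli_stmt_execute($stmt);
	}
	// … unchanged: error / success syslog and echo $result …
```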
@@ -112,9 +101,10 @@
 			'moisture' => $row['moisture'],
 			'diastatic_power' => $row['diastatic_power'],
 			'protein' => $row['protein'],
+			'dissolved_protein' => $row['dissolved_protein'],
 			'max_in_batch' => $row['max_in_batch'],
 			'recommend_mash' => $row['recommend_mash'],
-			'ibu_gal_per_lb' => $row['ibu_gal_per_lb'],
+			'added' => $row['added'],
 			'always_on_stock' => $row['always_on_stock'],
 			'di_ph' => $row['di_ph'],
 			'acid_to_ph_57' => $row['acid_to_ph_57'],
