Mercurial > bms / file diff

diff: www/includes/db_profile_fermentation.php

www/includes/db_profile_fermentation.php

changeset 217
318aab371497
parent 189
6470e5c6a001
child 716
57118e6a4bdb
--- a/www/includes/db_profile_fermentation.php	Sun Jan 27 17:39:53 2019 +0100
+++ b/www/includes/db_profile_fermentation.php	Sun Jan 27 20:40:24 2019 +0100
@@ -14,55 +14,61 @@
 $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
 $rescapers = array("'");
 $rreplacements = array("\\'");
-$disallowed = array('visibleindex','uniqueid','boundindex','uid','undefined');
 
-if (isset($_GET['insert']) || isset($_GET['update'])) {
-	if (isset($_GET['insert'])) {
+if (isset($_POST['insert']) || isset($_POST['update'])) {
+	if (isset($_POST['insert'])) {
 		$sql  = "INSERT INTO `profile_fermentation` SET ";
 	}
-	if (isset($_GET['update'])) {
+	if (isset($_POST['update'])) {
 		$sql  = "UPDATE `profile_fermentation` SET ";
 	}
 
-	if (isset($_GET['uuid']) && (strlen($_GET['uuid']) == 36)) {
-		$sql .= "uuid='" . $_GET['uuid'];
+	if (isset($_POST['uuid']) && (strlen($_POST['uuid']) == 36)) {
+		$sql .= "uuid='" . $_POST['uuid'];
 	} else {
 		$uuid = str_replace("\n", "", file_get_contents('/proc/sys/kernel/random/uuid'));
 		$sql .= "uuid='" . $uuid;
 	}
 
-	$sql .= "', name='" . mysqli_real_escape_string($connect, $_GET['name']);
-	$sql .= "', inittemp_lo='" . floatval($_GET['inittemp_lo']);
-	$sql .= "', inittemp_hi='" . floatval($_GET['inittemp_hi']);
-	($_GET['fridgemode'] == 'true') ? $sql .= "', fridgemode='1" : $sql .= "', fridgemode='0";
-	$array = $_GET['steps'];
+	$sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']);
+	$sql .= "', inittemp_lo='" . floatval($_POST['inittemp_lo']);
+	$sql .= "', inittemp_hi='" . floatval($_POST['inittemp_hi']);
+	($_POST['fridgemode'] == 'true') ? $sql .= "', fridgemode='1" : $sql .= "', fridgemode='0";
+	$array = $_POST['steps'];
 	// Don't believe given duration and number of steps, recalculate.
 	$duration = 0;
 	$totalsteps = 0;
+	$steps = '[';
 	foreach($array as $key => $item) {
+		if ($totalsteps > 0)
+			$steps.= ',';
 		$totalsteps++;
 		$duration += $item['steptime'] + $item['resttime'];
-		foreach ($disallowed as $disallowed_key) {
-			unset($array[$key]["$disallowed_key"]);
-		}
+		$steps .= '{"name":"' . str_replace($rescapers,$rreplacements,$item['name']);
+		$steps .= '","steptime":' . $item['steptime'];
+		$steps .= ',"resttime":' . $item['resttime'];
+		$steps .= ',"target_lo":' . $item['target_lo'];
+		$steps .= ',"target_hi":' . $item['target_hi'];
+		$steps .= ',"fridgemode":' . $item['fridgemode'] . '}';
 	}
+	$steps .= ']';
 	$sql .= "', totalsteps='" . $totalsteps;
 	$sql .= "', duration='" . $duration;
-//	syslog(LOG_NOTICE, "steps=: ". str_replace($rescapers,$rreplacements,json_encode($array)));
+	syslog(LOG_NOTICE, $steps);
 	$sql .= "', steps='" . str_replace($rescapers,$rreplacements,json_encode($array));
-	if (isset($_GET['insert'])) {
+	if (isset($_POST['insert'])) {
 		$sql .= "';";
 	}
-	if (isset($_GET['update'])) {
-		$sql .= "' WHERE record='" . $_GET['record'] . "';";
+	if (isset($_POST['update'])) {
+		$sql .= "' WHERE record='" . $_POST['record'] . "';";
 	}
 	syslog(LOG_NOTICE, $sql);
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_profile_fermentation: ".$sql." result: ".mysqli_error($connect));
 	} else {
-		if (isset($_GET['update'])) {
-			syslog(LOG_NOTICE, "db_profile_fermentation: updated record ".$_GET['record']);
+		if (isset($_POST['update'])) {
+			syslog(LOG_NOTICE, "db_profile_fermentation: updated record ".$_POST['record']);
 		} else {
 			$lastid = mysqli_insert_id($connect);
 			syslog(LOG_NOTICE, "db_profile_fermentation: inserted record ".$lastid);
@@ -70,14 +76,14 @@
 	}
 	echo $result;
 
-} else if (isset($_GET['delete'])) {
+} else if (isset($_POST['delete'])) {
 	// DELETE COMMAND
-	$sql = "DELETE FROM `profile_fermentation` WHERE record='".$_GET['record']."';";
+	$sql = "DELETE FROM `profile_fermentation` WHERE record='".$_POST['record']."';";
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_profile_fermentation: ".$sql." result: ".mysqli_error($connect));
 	} else {
-		syslog(LOG_NOTICE, "db_profile_fermentation: deleted record ".$_GET['record']);
+		syslog(LOG_NOTICE, "db_profile_fermentation: deleted record ".$_POST['record']);
 	}
 	echo $result;
 
@@ -105,7 +111,7 @@
 		$profiles .= '}';
 	}
 	$profiles .= ']';
-	syslog(LOG_NOTICE, $profiles);
+//	syslog(LOG_NOTICE, $profiles);
 	header("Content-type: application/json");
 	echo $profiles;
 }

Mercurial Repository: bms

mercurial