www/includes/db_product.php

changeset 114
4935e86b2775
parent 112
7ef48396f705
child 115
ad31f4bd4036
--- a/www/includes/db_product.php	Fri Nov 23 15:25:54 2018 +0100
+++ b/www/includes/db_product.php	Wed Nov 28 21:57:06 2018 +0100
@@ -10,22 +10,12 @@
 }
 mysqli_set_charset($connect, "utf8" );
 
-syslog(LOG_NOTICE, "db_product: start");
-
-$escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c");
-$replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
-$rescapers = array("'");
-$rreplacements = array("\\'");
-$disallowed = array('visibleindex','uniqueid','boundindex','uid');
-
 
 if (isset($_POST['insert']) || isset($_POST['update'])) {
 	if (isset($_POST['insert'])) {
-		// INSERT COMMAND
 		$sql  = "INSERT INTO `prod_main` SET ";
 	}
 	if (isset($_POST['update'])) {
-		// UPDATE COMMAND
 		$sql  = "UPDATE `prod_main` SET ";
 	}
 	// Basic settings
@@ -44,8 +34,17 @@
 	$sql .= "', eq_batch_size='" . $_POST['eq_batch_size'];
 	$sql .= "', eq_tun_volume='" . $_POST['eq_tun_volume'];
 	$sql .= "', eq_tun_weight='" . $_POST['eq_tun_weight'];
-	$sql .= "', eq_tun_specific_heat='" . $_POST['eq_tun_specific_heat'];
-	$sql .= "', eq_tun_material='" . $_POST['eq_tun_material'];
+	$material = mysqli_real_escape_string($connect, $_GET['tun_material']);
+	$sql .= "', eq_tun_material='" . $material;
+	if ($material == "RVS") {
+		$sql .= "', eq_tun_specific_heat='0.11";
+	} else if ($material == "Aluminium") {
+		$sql .= "', eq_tun_specific_heat='0.22";
+	} else if ($material == "Kunststof") {
+		$sql .= "', eq_tun_specific_heat='0.46";
+	} else if ($material == "Koper") {
+		$sql .= "', eq_tun_specific_heat='0.092";
+	}
 	$sql .= "', eq_tun_height='" . $_POST['eq_tun_height'];
 	$sql .= "', eq_top_up_water='" . $_POST['eq_top_up_water'];
 	$sql .= "', eq_trub_chiller_loss='" . $_POST['eq_trub_chiller_loss'];
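Review bot: The new `$material` assignment reads `$_GET['tun_material']`, while this branch only runs for a POSTed insert/update and the removed line took the same value from `$_POST['eq_tun_material']`; unless the form really submits that query parameter, the lookup is undefined and an empty material is stored. I would write `$material = mysqli_real_escape_string($connect, $_POST['eq_tun_material']);`. The `if`/`else if` chain also has no final `else`, so any other material leaves `eq_tun_specific_heat` out of the statement; it wants a fallback value or a rejection of unknown materials. The escaping added here is the only one visible in the hunk: neighbouring `$_POST` values such as `eq_tun_height` are still concatenated raw into `$sql`, so a prepared statement with bound parameters for the whole column list would close the injection path rather than one field of it. The statement is completed and executed outside this hunk.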
@@ -105,23 +104,16 @@
 	if (isset($_GET['select']) && ($_GET['select'] == "inprod")) {
 		$query = "SELECT record,name,code,birth,stage FROM prod_main WHERE stage != 'Closed' ORDER BY birth,code;";
 		$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
-		$brews = '[';
-		$comma = FALSE;
 		while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
-			// Manual encode to JSON.
-			if ($comma)
-				$brews .= ',';
-			$comma = TRUE;
-			$brews .=  '{"record":' . $row['record'];
-			$brews .=  ',"name":"' . str_replace($escapers, $replacements, $row['name']);
-			$brews .= '","code":"' . str_replace($escapers, $replacements, $row['code']);
-			$brews .= '","birth":"' . str_replace($escapers, $replacements, $row['birth']);
-			$brews .= '","stage":"' . str_replace($escapers, $replacements, $row['stage']);
-			$brews .= '"}';
+			$brews[] = array(
+				'record' => $row['record'],
+				'name' => $row['name'],
+				'code' => $row['code'],
+				'birth' => $row['birth'],
+				'stage' => $row['stage']
+			);
 		}
-		$brews .= ']';
-		header("Content-type: application/json");
-		echo $brews;
+		echo json_encode($brews);
 		return;
 	}
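Review bot: The response no longer declares its type, because `header("Content-type: application/json");` was removed together with the hand-built encoder and nothing in the hunk replaces it; unless it is set earlier in the file, the body goes out with PHP's default `text/html` and the `name`/`code` values from the database reach the browser in an HTML-typed response. I would keep that header line directly before `echo json_encode($brews);`. `$brews` is also never initialised, so a query that returns no rows encodes an undefined variable and emits `null` where the old code emitted `[]`; `$brews = array();` before the `while` restores that. `record` was previously written as a bare number and may now be encoded as a string, depending on how the driver returns integer columns, so clients that compare it numerically should be checked. The enclosing block starts outside the hunk.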
 
