Mercurial > bms / file diff

--- a/www/includes/db_inventory_equipments.php	Thu Jul 01 13:24:19 2021 +0200
+++ b/www/includes/db_inventory_equipments.php	Sun Jul 04 12:16:25 2021 +0200
@@ -9,6 +9,11 @@
 }
 mysqli_set_charset($connect, "utf8" );
 
+$response = array(
+   'error' => false,
+   'msg' => 'Ok',
+);
+
 if (isset($_POST['insert']) || isset($_POST['update'])) {
 	if (isset($_POST['insert'])) {
 		// INSERT COMMAND
@@ -51,27 +56,40 @@
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_inventory_equipment: ".$sql." result: ".mysqli_error($connect));
-	//} else {
-	//	if (isset($_POST['update'])) {
-	//		syslog(LOG_NOTICE, "db_inventory_equipment: updated record ".$_POST['record']);
-	//	} else {
-	//		$lastid = mysqli_insert_id($connect);
-	//		syslog(LOG_NOTICE, "db_inventory_equipment: inserted record ".$lastid);
-	//	}
+		$response['error'] = true;
+		$response['msg'] = "SQL fout: ".mysqli_error($link);
 	}
-	echo $result;
+	exit(json_encode($response));
 
 } else if (isset($_POST['delete'])) {
-	// DELETE COMMAND
-	// FIXME: need to check if the record is in use
+	// DELETE COMMAND. check if this record is in use.
+	$sql = "SELECT name FROM `inventory_equipments` WHERE record='".$_POST['record']."';";
+	$result = mysqli_query($connect, $sql) or die("SQL Error 1: " . mysqli_error($connect));
+	if (! $result) {
+                syslog(LOG_NOTICE, "db_inventory_equipment: ".$sql." result: ".mysqli_error($connect));
+                $response['error'] = true;
+		$response['msg'] = "SQL fout: ".mysqli_error($link);
+		exit(json_encode($response));
+	}
+	if ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+		$sql = "SELECT eq_name FROM products WHERE eq_name='" . $row['name'] . "';";
+		$result2 = mysqli_query($connect, $sql);
+		$ar = mysqli_affected_rows($connect);
+		if ($ar > 0) {
+			$response['error'] = true;
+                	$response['msg'] = "Installatie wordt ".$ar." maal gebruikt.";
+			exit(json_encode($response));
+		}
+	}
+	// Record not used, delete it.
 	$sql = "DELETE FROM `inventory_equipments` WHERE record='".$_POST['record']."';";
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_inventory_equipment: ".$sql." result: ".mysqli_error($connect));
-	} else {
-		syslog(LOG_NOTICE, "db_inventory_equipment: deleted record ".$_POST['record']);
+		$response['error'] = true;
+		$response['msg'] = "SQL fout: ".mysqli_error($link);
 	}
-	echo $result;
+	exit(json_encode($response));
 
 } else {
 	// SELECT COMMAND
@@ -107,6 +125,12 @@
 		);
 	}
 	header("Content-type: application/json");
-	echo json_encode($equipments);
+	exit(json_encode($equipments));
 }
+
+syslog(LOG_NOTICE, "db_inventory_equipment: missing arguments");
+$response['error'] = true;
+$response['msg'] = "missing arguments";
+echo json_encode($response);
+
 ?>