--- a/www/includes/db_inventory_mash_profiles.php Wed Aug 29 16:23:57 2018 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,74 +0,0 @@ -<?php - -require($_SERVER['DOCUMENT_ROOT']."/config.php"); -require($_SERVER['DOCUMENT_ROOT']."/version.php"); - -#Connect to the database -$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); -if (! $connect) { - die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); -} - -// get data and store in a json array -$query = "SELECT * FROM inventory_mash_profiles ORDER BY name"; -if (isset($_GET['insert'])) { - // INSERT COMMAND - $sql = "INSERT INTO `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); - $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); - $sql .= "', steps='" . json_encode($_GET['steps']); - $sql .= "';"; - $result = mysqli_query($connect, $sql); - if (! $result) { - syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); - } else { - syslog(LOG_NOTICE, "db_inventory_mash_profiles: inserted ".$_GET['name']); - } - echo $result; - -} else if (isset($_GET['update'])) { - // UPDATE COMMAND - $sql = "UPDATE `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); - $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); - $sql .= "', steps='" . json_encode($_GET['steps']); - $sql .= "' WHERE record='" . $_GET['record'] . "';"; - $result = mysqli_query($connect, $sql); - if (! $result) { - syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); - } else { - syslog(LOG_NOTICE, "db_inventory_mash_profiles: updated record ".$_GET['record']); - } - echo $result; - -} else if (isset($_GET['delete'])) { - // DELETE COMMAND - $sql = "DELETE FROM `inventory_mash_profiles` WHERE record='".$_GET['record']."';"; - $result = mysqli_query($connect, $sql); - if (! $result) { - syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); - } else { - syslog(LOG_NOTICE, "db_inventory_mash_profiles: deleted record ".$_GET['record']); - } - echo $result; - -} else { - // SELECT COMMAND - $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); - $mashprofiles = '['; - $comma = FALSE; - while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { - // Manual encode to JSON. - if ($comma) { - $mashprofiles .= ','; - } - $comma = TRUE; - $mashprofiles .= '{"record":' . $row['record']; - $mashprofiles .= ',"name":"' . $row['name']; - $mashprofiles .= '","notes":"' . $row['notes']; - $mashprofiles .= '","steps":' . $row['steps']; - $mashprofiles .= '}'; - } - $mashprofiles .= ']'; - header("Content-type: application/json"); - echo $mashprofiles; -} -?>