--- a/www/includes/db_inventory_styles.php Wed Aug 29 16:23:57 2018 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,123 +0,0 @@ -<?php - -require($_SERVER['DOCUMENT_ROOT']."/config.php"); -require($_SERVER['DOCUMENT_ROOT']."/version.php"); - -#Connect to the database -$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); -if (! $connect) { - die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); -} - -// get data and store in a json array -$query = "SELECT * FROM inventory_styles ORDER BY name"; -if (isset($_GET['insert'])) { - // INSERT COMMAND - $sql = "INSERT INTO `inventory_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); - $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); - $sql .= "', category_number='" . $_GET['category_number']; - $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); - $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); - $sql .= "', type='" . $_GET['type']; - $sql .= "', og_min='" . $_GET['og_min']; - $sql .= "', og_max='" . $_GET['og_max']; - $sql .= "', fg_min='" . $_GET['fg_min']; - $sql .= "', fg_max='" . $_GET['fg_max']; - $sql .= "', ibu_min='" . $_GET['ibu_min']; - $sql .= "', ibu_max='" . $_GET['ibu_max']; - $sql .= "', color_min='" . $_GET['color_min']; - $sql .= "', color_max='" . $_GET['color_max']; - $sql .= "', carb_min='" . $_GET['carb_min']; - $sql .= "', carb_max='" . $_GET['carb_max']; - $sql .= "', abv_min='" . $_GET['abv_min']; - $sql .= "', abv_max='" . $_GET['abv_max']; - $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); - $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); - $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); - $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); - $sql .= "';"; - $result = mysqli_query($connect, $sql); - if (! $result) { - syslog(LOG_NOTICE, "db_inventory_styles: ".$sql." result: ".mysqli_error($connect)); - } else { - syslog(LOG_NOTICE, "db_inventory_styles: inserted ".$_GET['name']); - } - echo $result; - -} else if (isset($_GET['update'])) { - // UPDATE COMMAND - $sql = "UPDATE `inventory_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); - $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); - $sql .= "', category_number='" . $_GET['category_number']; - $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); - $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); - $sql .= "', type='" . $_GET['type']; - $sql .= "', og_min='" . $_GET['og_min']; - $sql .= "', og_max='" . $_GET['og_max']; - $sql .= "', fg_min='" . $_GET['fg_min']; - $sql .= "', fg_max='" . $_GET['fg_max']; - $sql .= "', ibu_min='" . $_GET['ibu_min']; - $sql .= "', ibu_max='" . $_GET['ibu_max']; - $sql .= "', color_min='" . $_GET['color_min']; - $sql .= "', color_max='" . $_GET['color_max']; - $sql .= "', carb_min='" . $_GET['carb_min']; - $sql .= "', carb_max='" . $_GET['carb_max']; - $sql .= "', abv_min='" . $_GET['abv_min']; - $sql .= "', abv_max='" . $_GET['abv_max']; - $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); - $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); - $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); - $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); - $sql .= "' WHERE record='" . $_GET['record'] . "';"; - $result = mysqli_query($connect, $sql); - if (! $result) { - syslog(LOG_NOTICE, "db_inventory_styles: ".$sql." result: ".mysqli_error($connect)); - } else { - syslog(LOG_NOTICE, "db_inventory_styles: updated record ".$_GET['record']); - } - echo $result; - -} else if (isset($_GET['delete'])) { - // DELETE COMMAND - $sql = "DELETE FROM `inventory_styles` WHERE record='".$_GET['record']."';"; - $result = mysqli_query($connect, $sql); - if (! $result) { - syslog(LOG_NOTICE, "db_inventory_styles: ".$sql." result: ".mysqli_error($connect)); - } else { - syslog(LOG_NOTICE, "db_inventory_styles: deleted record ".$_GET['record']); - } - echo $result; - -} else { - // SELECT COMMAND - $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); - while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { - $styles[] = array( - 'record' => $row['record'], - 'name' => $row['name'], - 'category' => $row['category'], - 'category_number' => $row['category_number'], - 'style_letter' => $row['style_letter'], - 'style_guide' => $row['style_guide'], - 'type' => $row['type'], - 'og_min' => $row['og_min'], - 'og_max' => $row['og_max'], - 'fg_min' => $row['fg_min'], - 'fg_max' => $row['fg_max'], - 'ibu_min' => $row['ibu_min'], - 'ibu_max' => $row['ibu_max'], - 'color_min' => $row['color_min'], - 'color_max' => $row['color_max'], - 'carb_min' => $row['carb_min'], - 'carb_max' => $row['carb_max'], - 'abv_min' => $row['abv_min'], - 'abv_max' => $row['abv_max'], - 'notes' => $row['notes'], - 'profile' => $row['profile'], - 'ingredients' => $row['ingredients'], - 'examples' => $row['examples'] - ); - } - echo json_encode($styles); -} -?>