--- a/www/includes/db_inventory_suppliers.php	Sun Feb 06 20:06:46 2022 +0100
+++ b/www/includes/db_inventory_suppliers.php	Thu Feb 10 22:15:10 2022 +0100
@@ -19,7 +19,14 @@
 $query = "SELECT * FROM inventory_suppliers ORDER BY name";
 if (isset($_POST['insert'])) {
 	// INSERT COMMAND
-	$sql  = "INSERT INTO `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']);
+	$sql  = "INSERT INTO `inventory_suppliers` SET ";
+	if (isset($_POST['uuid']) && (strlen($_POST['uuid']) == 36)) {
+                $sql .= "uuid='" . $_POST['uuid'];
+        } else {
+                $uuid = str_replace("\n", "", file_get_contents('/proc/sys/kernel/random/uuid'));
+                $sql .= "uuid='" . $uuid;
+	}
+	$sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']);
 	$sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']);
 	$sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']);
 	$sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']);
@@ -39,7 +46,8 @@
 
 } else if (isset($_POST['update'])) {
 	// UPDATE COMMAND
-	$sql  = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']);
+	$sql  = "UPDATE `inventory_suppliers` SET uuid='" . $_POST['uuid'];
+	$sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']);
 	$sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']);
 	$sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']);
 	$sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']);
@@ -74,6 +82,7 @@
 	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
 		$suppliers[] = array(
 			'record' => $row['record'],
+			'uuid' => $row['uuid'],
 			'name' => $row['name'],
 			'address' => $row['address'],
 			'city' => $row['city'],