Mercurial > bms / file diff

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/www/includes/db_inventory_miscs.php	Fri Aug 17 15:20:56 2018 +0200
@@ -0,0 +1,93 @@
+<?php
+
+require($_SERVER['DOCUMENT_ROOT']."/config.php");
+require($_SERVER['DOCUMENT_ROOT']."/version.php");
+
+#Connect to the database
+$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
+if (! $connect) {
+	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
+}
+
+// get data and store in a json array
+$query = "SELECT * FROM inventory_miscs";
+if (isset($_GET['insert'])) {
+	// INSERT COMMAND
+	$sql  = "INSERT INTO `inventory_miscs` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
+	$sql .= "', type='" . $_GET['type'];
+	$sql .= "', use_use='" . $_GET['use_use'];
+	$sql .= "', time='" . $_GET['time'];
+	($_GET['amount_is_weight'] == 'true') ? $sql .= "', amount_is_weight='1" : $sql .= "', amount_is_weight='0";
+	$sql .= "', use_for='" . mysqli_real_escape_string($connect, $_GET['use_for']);
+	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
+	($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0";
+	$sql .= "', inventory='" . $_GET['inventory'];
+	$sql .= "', cost='" . $_GET['cost'];
+	$sql .= "', production_date='" . $_GET['production_date'];
+	$sql .= "', tht_date='" . $_GET['tht_date'];
+	$sql .= "';";
+	$result = mysqli_query($connect, $sql);
+	if (! $result) {
+		syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect));
+	} else {
+		syslog(LOG_NOTICE, "db_inventory_miscs: inserted ".$_GET['name']);
+	}
+	echo $result;
+
+} else if (isset($_GET['update'])) {
+	// UPDATE COMMAND
+	$sql  = "UPDATE `inventory_miscs` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
+	$sql .= "', type='" . $_GET['type'];
+	$sql .= "', use_use='" . $_GET['use_use'];
+	$sql .= "', time='" . $_GET['time'];
+	($_GET['amount_is_weight'] == 'true') ? $sql .= "', amount_is_weight='1" : $sql .= "', amount_is_weight='0";
+	$sql .= "', use_for='" . mysqli_real_escape_string($connect, $_GET['use_for']);
+	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
+	($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0";
+	$sql .= "', inventory='" . $_GET['inventory'];
+	$sql .= "', cost='" . $_GET['cost'];
+	$sql .= "', production_date='" . $_GET['production_date'];
+	$sql .= "', tht_date='" . $_GET['tht_date'];
+	$sql .= "' WHERE record='" . $_GET['record'] . "';";
+	$result = mysqli_query($connect, $sql);
+	if (! $result) {
+		syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect));
+	} else {
+		syslog(LOG_NOTICE, "db_inventory_miscs: updated record ".$_GET['record']);
+	}
+	echo $result;
+
+} else if (isset($_GET['delete'])) {
+	// DELETE COMMAND
+	$sql = "DELETE FROM `inventory_miscs` WHERE record='".$_GET['record']."';";
+	$result = mysqli_query($connect, $sql);
+	if (! $result) {
+		syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect));
+	} else {
+		syslog(LOG_NOTICE, "db_inventory_miscs: deleted record ".$_GET['record']);
+	}
+	echo $result;
+
+} else {
+	// SELECT COMMAND
+	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
+	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
+		$miscs[] = array(
+			'record' => $row['record'],
+			'name' => $row['name'],
+			'type' => $row['type'],
+			'use_use' => $row['use_use'],
+			'time' => $row['time'],
+			'amount_is_weight' => $row['amount_is_weight'],
+			'use_for' => $row['use_for'],
+			'notes' => $row['notes'],
+			'always_on_stock' => $row['always_on_stock'],
+			'inventory' => $row['inventory'],
+			'cost' => $row['cost'],
+			'production_date' => $row['production_date'],
+			'tht_date' => $row['tht_date']
+		);
+	}
+	echo json_encode($miscs);
+}
+?>