--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/www/includes/db_inventory_miscs.php Fri Aug 17 15:20:56 2018 +0200 @@ -0,0 +1,93 @@ +<?php + +require($_SERVER['DOCUMENT_ROOT']."/config.php"); +require($_SERVER['DOCUMENT_ROOT']."/version.php"); + +#Connect to the database +$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); +if (! $connect) { + die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); +} + +// get data and store in a json array +$query = "SELECT * FROM inventory_miscs"; +if (isset($_GET['insert'])) { + // INSERT COMMAND + $sql = "INSERT INTO `inventory_miscs` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); + $sql .= "', type='" . $_GET['type']; + $sql .= "', use_use='" . $_GET['use_use']; + $sql .= "', time='" . $_GET['time']; + ($_GET['amount_is_weight'] == 'true') ? $sql .= "', amount_is_weight='1" : $sql .= "', amount_is_weight='0"; + $sql .= "', use_for='" . mysqli_real_escape_string($connect, $_GET['use_for']); + $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); + ($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0"; + $sql .= "', inventory='" . $_GET['inventory']; + $sql .= "', cost='" . $_GET['cost']; + $sql .= "', production_date='" . $_GET['production_date']; + $sql .= "', tht_date='" . $_GET['tht_date']; + $sql .= "';"; + $result = mysqli_query($connect, $sql); + if (! $result) { + syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect)); + } else { + syslog(LOG_NOTICE, "db_inventory_miscs: inserted ".$_GET['name']); + } + echo $result; + +} else if (isset($_GET['update'])) { + // UPDATE COMMAND + $sql = "UPDATE `inventory_miscs` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); + $sql .= "', type='" . $_GET['type']; + $sql .= "', use_use='" . $_GET['use_use']; + $sql .= "', time='" . $_GET['time']; + ($_GET['amount_is_weight'] == 'true') ? $sql .= "', amount_is_weight='1" : $sql .= "', amount_is_weight='0"; + $sql .= "', use_for='" . mysqli_real_escape_string($connect, $_GET['use_for']); + $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); + ($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0"; + $sql .= "', inventory='" . $_GET['inventory']; + $sql .= "', cost='" . $_GET['cost']; + $sql .= "', production_date='" . $_GET['production_date']; + $sql .= "', tht_date='" . $_GET['tht_date']; + $sql .= "' WHERE record='" . $_GET['record'] . "';"; + $result = mysqli_query($connect, $sql); + if (! $result) { + syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect)); + } else { + syslog(LOG_NOTICE, "db_inventory_miscs: updated record ".$_GET['record']); + } + echo $result; + +} else if (isset($_GET['delete'])) { + // DELETE COMMAND + $sql = "DELETE FROM `inventory_miscs` WHERE record='".$_GET['record']."';"; + $result = mysqli_query($connect, $sql); + if (! $result) { + syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect)); + } else { + syslog(LOG_NOTICE, "db_inventory_miscs: deleted record ".$_GET['record']); + } + echo $result; + +} else { + // SELECT COMMAND + $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); + while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { + $miscs[] = array( + 'record' => $row['record'], + 'name' => $row['name'], + 'type' => $row['type'], + 'use_use' => $row['use_use'], + 'time' => $row['time'], + 'amount_is_weight' => $row['amount_is_weight'], + 'use_for' => $row['use_for'], + 'notes' => $row['notes'], + 'always_on_stock' => $row['always_on_stock'], + 'inventory' => $row['inventory'], + 'cost' => $row['cost'], + 'production_date' => $row['production_date'], + 'tht_date' => $row['tht_date'] + ); + } + echo json_encode($miscs); +} +?>