www/includes/db_recipes.php

changeset 60
dbbe408108ea
parent 57
bb9a06aa9acd
child 61
3469979f83be
--- a/www/includes/db_recipes.php	Fri Sep 21 17:10:41 2018 +0200
+++ b/www/includes/db_recipes.php	Sat Sep 22 15:02:43 2018 +0200
@@ -2,9 +2,6 @@
 
 require($_SERVER['DOCUMENT_ROOT']."/config.php");
 require($_SERVER['DOCUMENT_ROOT']."/version.php");
-//require("../config.php");
-//require("../version.php");
-
 
 #Connect to the database
 $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
@@ -18,87 +15,141 @@
 
 // get data and store in a json array
 $query = "SELECT * FROM recipes ORDER BY st_guide,st_letter,st_name,name";
-if (isset($_GET['insert']) || isset($_GET['update'])) {
-	if (isset($_GET['insert'])) {
+if (isset($_POST['insert']) || isset($_POST['update'])) {
+	if (isset($_POST['insert'])) {
 		// INSERT COMMAND
-		$sql  = "INSERT INTO `recipes` SET st_name='" . mysqli_real_escape_string($connect, $_GET['st_name']);
+		$sql  = "INSERT INTO `recipes` SET ";
+	}
+	if (isset($_POST['update'])) {
+		// UPDATE COMMAND
+		$sql  = "UPDATE `recipes` SET ";
 	}
-	if (isset($_GET['update'])) {
-		// UPDATE COMMAND
-		$sql  = "UPDATE `recipes` SET st_name='" . mysqli_real_escape_string($connect, $_GET['st_name']);
+	// Basic settings
+	$sql .=    "st_name='" . mysqli_real_escape_string($connect, $_POST['st_name']);
+	$sql .= "', st_letter='" . mysqli_real_escape_string($connect, $_POST['st_letter']);
+	$sql .= "', st_guide='" . mysqli_real_escape_string($connect, $_POST['st_guide']);
+	$sql .= "', st_og_min='" . $_POST['st_og_min'];
+	$sql .= "', st_og_max='" . $_POST['st_og_max'];
+	$sql .= "', st_fg_min='" . $_POST['st_fg_min'];
+	$sql .= "', st_fg_max='" . $_POST['st_fg_max'];
+	$sql .= "', st_ibu_min='" . $_POST['st_ibu_min'];
+	$sql .= "', st_ibu_max='" . $_POST['st_ibu_max'];
+	$sql .= "', st_color_min='" . $_POST['st_color_min'];
+	$sql .= "', st_color_max='" . $_POST['st_color_max'];
+	$sql .= "', st_carb_min='" . $_POST['st_carb_min'];
+	$sql .= "', st_carb_max='" . $_POST['st_carb_max'];
+	$sql .= "', st_abv_min='" . $_POST['st_abv_min'];
+	$sql .= "', st_abv_max='" . $_POST['st_abv_max'];
+	$sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']);
+	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
+	$sql .= "', type='" . $_POST['type'];
+	$sql .= "', batch_size='" . $_POST['batch_size'];
+	$sql .= "', boil_time='" . $_POST['boil_time'];
+	$sql .= "', efficiency='" . $_POST['efficiency'];
+	$sql .= "', est_og='" . $_POST['est_og'];
+	$sql .= "', est_fg='" . $_POST['est_fg'];
+	$sql .= "', est_color='" . $_POST['est_color'];
+	$sql .= "', color_method='" . $_POST['color_method'];
+	$sql .= "', est_ibu='" . $_POST['est_ibu'];
+	$sql .= "', ibu_method='" . $_POST['ibu_method'];
+	$sql .= "', mash_sparge_temp='" . $_POST['mash_sparge_temp'];
+	$sql .= "', mash_ph='" . $_POST['mash_ph'];
+	$sql .= "', mash_name='" . $_POST['mash_name'];
+	syslog(LOG_NOTICE, $sql);
+
+	if (isset($_POST['fermentables'])) {
+		$array = $_POST['fermentables'];
+		foreach($array as $key => $item){
+			foreach ($disallowed as $disallowed_key) {
+				unset($array[$key]["$disallowed_key"]);
+			}
+		}
+		syslog(LOG_NOTICE, "json_fermentables=: ".json_encode($array));
+		$sql .= "', json_fermentables='" . json_encode($array);
 	}
-	$sql .= "', st_letter='" . mysqli_real_escape_string($connect, $_GET['st_letter']);
-	$sql .= "', st_guide='" . mysqli_real_escape_string($connect, $_GET['st_guide']);
-	$sql .= "', st_og_min='" . $_GET['st_og_min'];
-	$sql .= "', st_og_max='" . $_GET['st_og_max'];
-	$sql .= "', st_fg_min='" . $_GET['st_fg_min'];
-	$sql .= "', st_fg_max='" . $_GET['st_fg_max'];
-	$sql .= "', st_ibu_min='" . $_GET['st_ibu_min'];
-	$sql .= "', st_ibu_max='" . $_GET['st_ibu_max'];
-	$sql .= "', st_color_min='" . $_GET['st_color_min'];
-	$sql .= "', st_color_max='" . $_GET['st_color_max'];
-	$sql .= "', st_carb_min='" . $_GET['st_carb_min'];
-	$sql .= "', st_carb_max='" . $_GET['st_carb_max'];
-	$sql .= "', st_abv_min='" . $_GET['st_abv_min'];
-	$sql .= "', st_abv_max='" . $_GET['st_abv_max'];
-	$sql .= "', name='" . mysqli_real_escape_string($connect, $_GET['name']);
-	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
-	$sql .= "', type='" . $_GET['type'];
-	$sql .= "', batch_size='" . $_GET['batch_size'];
-	$sql .= "', boil_time='" . $_GET['boil_time'];
-	$sql .= "', efficiency='" . $_GET['efficiency'];
-	$sql .= "', est_og='" . $_GET['est_og'];
-	$sql .= "', est_fg='" . $_GET['est_fg'];
-	$sql .= "', est_color='" . $_GET['est_color'];
-	$sql .= "', color_method='" . $_GET['color_method'];
-	$sql .= "', est_ibu='" . $_GET['est_ibu'];
-	$sql .= "', ibu_method='" . $_GET['ibu_method'];
-	$sql .= "', mash_sparge_temp='" . $_GET['mash_sparge_temp'];
-	$sql .= "', mash_ph='" . $_GET['mash_ph'];
-	$sql .= "', mash_name='" . $_GET['mash_name'];
+
+	if (isset($_POST['hops'])) {
+		$array = $_POST['hops'];
+		foreach($array as $key => $item){
+			foreach ($disallowed as $disallowed_key) {
+				unset($array[$key]["$disallowed_key"]);
+			}
+		}
+		syslog(LOG_NOTICE, "json_hops: ".json_encode($array));
+		$sql .= "', json_hops='" . json_encode($array);
+	}
+
+	if (isset($_POST['miscs'])) {
+		$array = $_POST['miscs'];
+		foreach($array as $key => $item){ 
+			foreach ($disallowed as $disallowed_key) {
+				unset($array[$key]["$disallowed_key"]);
+			}
+		}
+		syslog(LOG_NOTICE, "json_miscs: ".json_encode($array));
+		$sql .= "', json_miscs='" . json_encode($array);
+	}
 
-	syslog(LOG_NOTICE, $sql);	// Log upto this part.
-
-	$array = $_GET['fermentables'];
-	foreach($array as $key => $item){
-		foreach ($disallowed as $disallowed_key) {
-			unset($array[$key]["$disallowed_key"]);
+	if (isset($_POST['yeasts'])) {
+		$array = $_POST['yeasts'];
+		foreach($array as $key => $item){
+			foreach ($disallowed as $disallowed_key) {
+				unset($array[$key]["$disallowed_key"]);
+			}
 		}
+		syslog(LOG_NOTICE, "json_yeasts: ".json_encode($array));
+		$sql .= "', json_yeasts='" . json_encode($array);
 	}
-	syslog(LOG_NOTICE, "json_fermentables: " . json_encode($array));
-	$sql .= "', json_fermentables='" . json_encode($array);
 
-	$array = $_GET['waters'];
-	foreach($array as $key => $item){
-		foreach ($disallowed as $disallowed_key) {
-			unset($array[$key]["$disallowed_key"]);
+	if (isset($_POST['waters'])) {
+		$array = $_POST['waters'];
+		foreach($array as $key => $item){
+			foreach ($disallowed as $disallowed_key) {
+				unset($array[$key]["$disallowed_key"]);
+			}
 		}
+		syslog(LOG_NOTICE, "json_waters: ".json_encode($array));
+		$sql .= "', json_waters='" . json_encode($array);
 	}
-	syslog(LOG_NOTICE, "json_waters: " . json_encode($array));
-	$sql .= "', json_waters='" . json_encode($array);
 
-	if (isset($_GET['insert'])) {
+	if (isset($_POST['mashs'])) {
+		$array = $_POST['mashs'];
+		foreach($array as $key => $item){
+			foreach ($disallowed as $disallowed_key) {
+				unset($array[$key]["$disallowed_key"]);
+			}
+		}
+		syslog(LOG_NOTICE, "json_mashs: ".json_encode($array));
+		$sql .= "', json_mashs='" . json_encode($array);
+	}
+
+	if (isset($_POST['insert'])) {
 		$sql .= "';";
 	}
-	if (isset($_GET['update'])) {
-		$sql .= "' WHERE record='" . $_GET['record'] . "';";
+	if (isset($_POST['update'])) {
+		$sql .= "' WHERE record='" . $_POST['record'] . "';";
 	}
-//	$result = mysqli_query($connect, $sql);
-//	if (! $result) {
-//		syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect));
-//	} else {
-//		syslog(LOG_NOTICE, "db_recipes: inserted ".$_GET['name']);
-//	}
-//	echo $result;
 
-} else if (isset($_GET['delete'])) {
-	// DELETE COMMAND
-	$sql = "DELETE FROM `recipes` WHERE record='".$_GET['record']."';";
 	$result = mysqli_query($connect, $sql);
 	if (! $result) {
 		syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect));
 	} else {
-		syslog(LOG_NOTICE, "db_recipes: deleted record ".$_GET['record']);
+		if (isset($_POST['update'])) {
+			syslog(LOG_NOTICE, "db_recipes: updated record ".$_POST['record']);
+		} else {
+			syslog(LOG_NOTICE, "db_recipes: inserted ".$_POST['name']);
+		}
+	}
+	echo $result;
+
+} else if (isset($_POST['delete'])) {
+	// DELETE COMMAND
+	$sql = "DELETE FROM `recipes` WHERE record='".$_POST['record']."';";
+	$result = mysqli_query($connect, $sql);
+	if (! $result) {
+		syslog(LOG_NOTICE, "db_recipes: ".$sql." result: ".mysqli_error($connect));
+	} else {
+		syslog(LOG_NOTICE, "db_recipes: deleted record ".$_POST['record']);
 	}
 	echo $result;
 
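Review bot: Most `$_POST` values in this hunk are concatenated into `$sql` without escaping: the fields from `st_og_min` to `st_abv_max` and `type` to `mash_name`, the `json_encode()` output for the six ingredient arrays, and `$_POST['record']` in both the UPDATE `WHERE` clause and the DELETE. This commit also enables the `mysqli_query()` call that was previously commented out, so the insert/update statement now runs with request-controlled text inside its quoted literals. `json_encode()` leaves `'` untouched by default, so even an ordinary ingredient name containing an apostrophe breaks the statement. I would build the assignment list with `?` placeholders and bind every value through `mysqli_prepare()` / `mysqli_stmt_bind_param()`, as sketched below, and give the DELETE the same treatment. `$disallowed` is defined outside the hunk and the `if`/`else` chain continues past its end, so confirm the sketch against the full file.

```php
	// … unchanged: $sql = "INSERT INTO `recipes` SET " / "UPDATE `recipes` SET " selection …
	$columns = array('st_name', 'st_letter', 'st_guide', /* … remaining scalar columns listed in this hunk … */ 'mash_name');
	$json_fields = array('fermentables', 'hops', 'miscs', 'yeasts', 'waters', 'mashs');

	$assignments = array();
	$values = array();
	foreach ($columns as $column) {
		$assignments[] = "`" . $column . "`=?";
		$values[] = isset($_POST[$column]) ? $_POST[$column] : '';
	}
	foreach ($json_fields as $field) {
		if (isset($_POST[$field]) && is_array($_POST[$field])) {
			$array = $_POST[$field];
			// … unchanged: unset the $disallowed keys from each row of $array …
			$assignments[] = "`json_" . $field . "`=?";
			$values[] = json_encode($array);
		}
	}
	$sql .= implode(', ', $assignments);
	if (isset($_POST['update'])) {
		$sql .= " WHERE record=?";
		$values[] = $_POST['record'];
	}

	$result = false;
	$stmt = mysqli_prepare($connect, $sql);
	if ($stmt) {
		// Bind everything as strings; MySQL converts to the column type.
		mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
		$result = mysqli_stmt_execute($stmt);
		mysqli_stmt_close($stmt);
	}
	// … unchanged: syslog of the outcome and echo $result …
```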
