Mercurial > bms / file diff

diff: www/cmd_ispindel.php

www/cmd_ispindel.php

changeset 578
e75ce5bbda73
parent 570
c8a20234d7e7
child 593
e0230bf4ac3f
--- a/www/cmd_ispindel.php	Fri Jan 03 15:21:22 2020 +0100
+++ b/www/cmd_ispindel.php	Sun Jan 05 11:42:02 2020 +0100
@@ -7,18 +7,23 @@
         die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
 }
 mysqli_set_charset($connect, "utf8" );
+$sql = "";
 
-$sql  = "UPDATE `mon_ispindels` SET ";
-$sql .=    "beername='" . mysqli_real_escape_string($connect, $_POST['beername']);
-$sql .= "', beercode='" . mysqli_real_escape_string($connect, $_POST['beercode']);
-$sql .= "', beeruuid='" . mysqli_real_escape_string($connect, $_POST['beeruuid']);
-$sql .= "' WHERE node='" . $_POST['node'] . "';";
+if (isset($_POST['beername']) && isset($_POST['beercode']) && isset($_POST['beeruuid'])) {
+	$sql  = "UPDATE `mon_ispindels` SET ";
+	$sql .=    "beername='" . mysqli_real_escape_string($connect, $_POST['beername']);
+	$sql .= "', beercode='" . mysqli_real_escape_string($connect, $_POST['beercode']);
+	$sql .= "', beeruuid='" . mysqli_real_escape_string($connect, $_POST['beeruuid']);
+	$sql .= "' WHERE uuid='" . $_POST['uuid'] . "';";
+} else if (isset($_POST['mode'])) {
+	$sql  = "UPDATE `mon_ispindels` SET mode='" .$_POST['mode'] . "' WHERE uuid='" . $_POST['uuid'] . "';";
+}
 
 $result = mysqli_query($connect, $sql);
 if (! $result) {
 	syslog(LOG_NOTICE, "cmd_ispindel: result: ".mysqli_error($connect));
 } else {
-	syslog(LOG_NOTICE, "cmd_ispindel: updated record ".$_POST['node']);
+	syslog(LOG_NOTICE, "cmd_ispindel: updated record ".$_POST['uuid']);
 }
 echo $result;
 ?>

Mercurial Repository: bms

mercurial