Sat, 06 Aug 2022 21:15:21 +0200
Packagig is now a viewer.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); $rescapers = array("'"); $rreplacements = array("\\'"); $response = array( 'error' => false, 'msg' => 'Ok', ); if (isset($_POST['insert']) || isset($_POST['update'])) { if (isset($_POST['insert'])) { $sql = "INSERT INTO"; } if (isset($_POST['update'])) { $sql = "UPDATE"; } $sql .= " `profile_mash` SET "; if (isset($_POST['uuid']) && (strlen($_POST['uuid']) == 36)) { $sql .= "uuid='" . $_POST['uuid']; } else { $uuid = str_replace("\n", "", file_get_contents('/proc/sys/kernel/random/uuid')); $sql .= "uuid='" . $uuid; } $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $array = $_POST['steps']; $comma = FALSE; $steps = '['; foreach($array as $key => $item) { /* * Manual encode to json. This eliminates the wrong UTF-8 encodings * but also removes the unwanted fields. */ if ($comma) $steps.= ','; $steps .= '{"step_name":"' . str_replace($rescapers,$rreplacements,$item['step_name']); $steps .= '","step_type":' . $item['step_type']; $steps .= ',"step_temp":' . $item['step_temp']; $steps .= ',"end_temp":' . $item['end_temp']; $steps .= ',"step_time":' . $item['step_time']; $steps .= ',"ramp_time":' . $item['ramp_time'] . '}'; $comma = TRUE; } $steps .= ']'; $sql .= "', steps='" . $steps; if (isset($_POST['insert'])) { $sql .= "';"; } if (isset($_POST['update'])) { $sql .= "' WHERE record='" . $_POST['record'] . "';"; } $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect)); $response['error'] = true; $response['msg'] = "SQL fout: ".mysqli_error($connect); } exit(json_encode($response)); } else if (isset($_POST['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `profile_mash` WHERE record='".$_POST['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect)); $response['error'] = true; $response['msg'] = "SQL fout: ".mysqli_error($connect); } exit(json_encode($response)); } else { // SELECT COMMAND $query = "SELECT record,JSON_QUOTE(name),JSON_QUOTE(notes),steps,JSON_QUOTE(uuid) FROM profile_mash ORDER BY name"; $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); $mashprofiles = '['; $comma = FALSE; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { // Manual encode to JSON. if ($comma) { $mashprofiles .= ','; } $comma = TRUE; $mashprofile = '{"record":' . $row['record']; $mashprofile .= ',"name":' . $row['JSON_QUOTE(name)']; $mashprofile .= ',"notes":' . $row['JSON_QUOTE(notes)']; $mashprofile .= ',"steps":' . $row['steps']; $mashprofile .= ',"uuid":' . $row['JSON_QUOTE(uuid)'] . '}'; $mashprofiles .= $mashprofile; } $mashprofiles .= ']'; header("Content-type: application/json"); exit($mashprofiles); } syslog(LOG_NOTICE, "db_profile_mash: missing arguments"); $response['error'] = true; $response['msg'] = "missing arguments"; echo json_encode($response); ?>