Mercurial > bms / file revision

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");


#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

if (isset($_POST['insert']) || isset($_POST['update'])) {
	if (isset($_POST['insert'])) {
		$sql  = "INSERT INTO `inventory_hops` SET ";
	}
	if (isset($_POST['update'])) {
		$sql  = "UPDATE `inventory_hops` SET ";
	}

	$sql .= "name='" . mysqli_real_escape_string($connect, $_POST['name']);
	$sql .= "', alpha='" . $_POST['alpha'];
	$sql .= "', beta='" . $_POST['beta'];
	$sql .= "', humulene='" . $_POST['humulene'];
	$sql .= "', caryophyllene='" . $_POST['caryophyllene'];
	$sql .= "', cohumulone='" . $_POST['cohumulone'];
	$sql .= "', myrcene='" . $_POST['myrcene'];
	$sql .= "', hsi='" . $_POST['hsi'];
	$sql .= "', type='" . $_POST['type'];
	$sql .= "', form='" . $_POST['form'];
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
	$sql .= "', origin='" . mysqli_real_escape_string($connect, $_POST['origin']);
	$sql .= "', substitutes='" . mysqli_real_escape_string($connect, $_POST['substitutes']);
	($_POST['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0";
	$sql .= "', inventory='" . floatval($_POST['inventory']) / 1000.0;
	$sql .= "', cost='" . $_POST['cost'] . "'";
	if ($_POST['production_date'] == '')
		$sql .= ", production_date=NULL";
	else
		$sql .= ", production_date='" . $_POST['production_date'] . "'";
	if ($_POST['tht_date'] == '')
		$sql .= ", tht_date=NULL";
	else
		$sql .= ", tht_date='" . $_POST['tht_date'] . "'";
	$sql .= ", total_oil='" . $_POST['total_oil'];
	if (isset($_POST['insert'])) {
		$sql .= "';";
	}
	if (isset($_POST['update'])) {
		$sql .= "' WHERE record='" . $_POST['record'] . "';";
	}
	syslog(LOG_NOTICE, $sql);

	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_inventory_hops: ".$sql." result: ".mysqli_error($connect));
	} else {
		if (isset($_POST['update'])) {
			syslog(LOG_NOTICE, "db_inventory_hops: updated record ".$_POST['record']);
		} else {
			$lastid = mysqli_insert_id($connect);
			syslog(LOG_NOTICE, "db_inventory_hops: inserted record ".$lastid);
		}
	}
	echo $result;

} else if (isset($_POST['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `inventory_hops` WHERE record='".$_POST['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_inventory_hops: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_inventory_hops: deleted record ".$_POST['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$query = "SELECT * FROM inventory_hops ORDER BY origin,name";
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		$hops[] = array(
			'record' => $row['record'],
			'name' => $row['name'],
			'alpha' => $row['alpha'],
			'beta' => $row['beta'],
			'humulene' => $row['humulene'],
			'caryophyllene' => $row['caryophyllene'],
			'cohumulone' => $row['cohumulone'],
			'myrcene' => $row['myrcene'],
			'hsi' => $row['hsi'],
			'type' => $row['type'],
			'form' => $row['form'],
			'notes' => $row['notes'],
			'origin' => $row['origin'],
			'substitutes' => $row['substitutes'],
			'always_on_stock' => $row['always_on_stock'],
			'inventory' => floatval($row['inventory']) * 1000.0,
			'cost' => $row['cost'],
			'production_date' => $row['production_date'],
			'tht_date' => $row['tht_date'],
			'total_oil' => $row['total_oil']
		);
	}
	echo json_encode($hops);
}
?>