Tue, 22 Jan 2019 22:46:58 +0100
Hops database bool to int types. Dropdown lists are using tables with indexes. Dropdown lists display in Dutch. Save and delete in the database now use POST instead of GET. Removed the useat field. Redesigned the web page. Code cleanup.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); // get data and store in a json array $query = "SELECT * FROM inventory_miscs ORDER BY name"; if (isset($_GET['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `inventory_miscs` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', type='" . $_GET['type']; $sql .= "', use_use='" . $_GET['use_use']; $sql .= "', time='" . $_GET['time']; ($_GET['amount_is_weight'] == 'true') ? $sql .= "', amount_is_weight='1" : $sql .= "', amount_is_weight='0"; $sql .= "', use_for='" . mysqli_real_escape_string($connect, $_GET['use_for']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); ($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0"; $sql .= "', inventory='" . $_GET['inventory']; $sql .= "', cost='" . $_GET['cost']; $sql .= "', production_date='" . $_GET['production_date']; $sql .= "', tht_date='" . $_GET['tht_date']; $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_miscs: inserted ".$_GET['name']); } echo $result; } else if (isset($_GET['update'])) { // UPDATE COMMAND $sql = "UPDATE `inventory_miscs` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', type='" . $_GET['type']; $sql .= "', use_use='" . $_GET['use_use']; $sql .= "', time='" . $_GET['time']; ($_GET['amount_is_weight'] == 'true') ? $sql .= "', amount_is_weight='1" : $sql .= "', amount_is_weight='0"; $sql .= "', use_for='" . mysqli_real_escape_string($connect, $_GET['use_for']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); ($_GET['always_on_stock'] == 'true') ? $sql .= "', always_on_stock='1" : $sql .= "', always_on_stock='0"; $sql .= "', inventory='" . $_GET['inventory']; $sql .= "', cost='" . $_GET['cost']; $sql .= "', production_date='" . $_GET['production_date']; $sql .= "', tht_date='" . $_GET['tht_date']; $sql .= "' WHERE record='" . $_GET['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_miscs: updated record ".$_GET['record']); } echo $result; } else if (isset($_GET['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `inventory_miscs` WHERE record='".$_GET['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_miscs: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_miscs: deleted record ".$_GET['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $miscs[] = array( 'record' => $row['record'], 'name' => $row['name'], 'type' => $row['type'], 'use_use' => $row['use_use'], 'time' => $row['time'], 'amount_is_weight' => $row['amount_is_weight'], 'use_for' => $row['use_for'], 'notes' => $row['notes'], 'always_on_stock' => $row['always_on_stock'], 'inventory' => $row['inventory'], 'cost' => $row['cost'], 'production_date' => $row['production_date'], 'tht_date' => $row['tht_date'] ); } echo json_encode($miscs); } ?>