www/includes/db_profile_styles.php@531d5458782f
www/includes/db_profile_styles.php
Tue, 22 Jan 2019 22:46:58 +0100
- author
- Michiel Broek <mbroek@mbse.eu>
- date
- Tue, 22 Jan 2019 22:46:58 +0100
- changeset 196
- 531d5458782f
- parent 77
- a9f8de2d7b2b
- child 217
- 318aab371497
- permissions
- -rw-r--r--
Hops database bool to int types. Dropdown lists are using tables with indexes. Dropdown lists display in Dutch. Save and delete in the database now use POST instead of GET. Removed the useat field. Redesigned the web page. Code cleanup.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); // get data and store in a json array $query = "SELECT * FROM profile_styles ORDER BY style_guide,style_letter,name"; if (isset($_GET['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `profile_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); $sql .= "', category_number='" . $_GET['category_number']; $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); $sql .= "', type='" . $_GET['type']; $sql .= "', og_min='" . $_GET['og_min']; $sql .= "', og_max='" . $_GET['og_max']; $sql .= "', fg_min='" . $_GET['fg_min']; $sql .= "', fg_max='" . $_GET['fg_max']; $sql .= "', ibu_min='" . $_GET['ibu_min']; $sql .= "', ibu_max='" . $_GET['ibu_max']; $sql .= "', color_min='" . $_GET['color_min']; $sql .= "', color_max='" . $_GET['color_max']; $sql .= "', carb_min='" . $_GET['carb_min']; $sql .= "', carb_max='" . $_GET['carb_max']; $sql .= "', abv_min='" . $_GET['abv_min']; $sql .= "', abv_max='" . $_GET['abv_max']; $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_styles: inserted ".$_GET['name']); } echo $result; } else if (isset($_GET['update'])) { // UPDATE COMMAND $sql = "UPDATE `profile_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); $sql .= "', category_number='" . $_GET['category_number']; $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); $sql .= "', type='" . $_GET['type']; $sql .= "', og_min='" . $_GET['og_min']; $sql .= "', og_max='" . $_GET['og_max']; $sql .= "', fg_min='" . $_GET['fg_min']; $sql .= "', fg_max='" . $_GET['fg_max']; $sql .= "', ibu_min='" . $_GET['ibu_min']; $sql .= "', ibu_max='" . $_GET['ibu_max']; $sql .= "', color_min='" . $_GET['color_min']; $sql .= "', color_max='" . $_GET['color_max']; $sql .= "', carb_min='" . $_GET['carb_min']; $sql .= "', carb_max='" . $_GET['carb_max']; $sql .= "', abv_min='" . $_GET['abv_min']; $sql .= "', abv_max='" . $_GET['abv_max']; $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); $sql .= "' WHERE record='" . $_GET['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_styles: updated record ".$_GET['record']); } echo $result; } else if (isset($_GET['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `profile_styles` WHERE record='".$_GET['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_styles: deleted record ".$_GET['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $styles[] = array( 'record' => $row['record'], 'name' => $row['name'], 'category' => $row['category'], 'category_number' => $row['category_number'], 'style_letter' => $row['style_letter'], 'style_guide' => $row['style_guide'], 'type' => $row['type'], 'og_min' => $row['og_min'], 'og_max' => $row['og_max'], 'fg_min' => $row['fg_min'], 'fg_max' => $row['fg_max'], 'ibu_min' => $row['ibu_min'], 'ibu_max' => $row['ibu_max'], 'color_min' => $row['color_min'], 'color_max' => $row['color_max'], 'carb_min' => $row['carb_min'], 'carb_max' => $row['carb_max'], 'abv_min' => $row['abv_min'], 'abv_max' => $row['abv_max'], 'notes' => $row['notes'], 'profile' => $row['profile'], 'ingredients' => $row['ingredients'], 'examples' => $row['examples'] ); } echo json_encode($styles); } ?>
