Sat, 26 Jan 2019 19:24:36 +0100
Water profile uses POST instead of GET. Added tooltips to the editor screen. Updated the editor screen. Total alkalinity and Bicarbonate update each other. More and smaller columns in the listing screen. Rearranged the editor screen.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); // get data and store in a json array $query = "SELECT * FROM inventory_suppliers ORDER BY name"; if (isset($_POST['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']); $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']); $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']); $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']); $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']); $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_suppliers: inserted ".$_POST['name']); } echo $result; } else if (isset($_POST['update'])) { // UPDATE COMMAND $sql = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']); $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']); $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']); $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']); $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']); $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $sql .= "' WHERE record='" . $_POST['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_suppliers: updated record ".$_POST['record']); } echo $result; } else if (isset($_POST['delete'])) { // DELETE COMMAND // FIXME: need to check if the record is in use $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_suppliers: deleted record ".$_POST['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $suppliers[] = array( 'record' => $row['record'], 'name' => $row['name'], 'address' => $row['address'], 'city' => $row['city'], 'zip' => $row['zip'], 'country' => $row['country'], 'website' => $row['website'], 'email' => $row['email'], 'phone' => $row['phone'], 'notes' => $row['notes'] ); } echo json_encode($suppliers); } ?>