Sat, 26 Jan 2019 19:24:36 +0100
Water profile uses POST instead of GET. Added tooltips to the editor screen. Updated the editor screen. Total alkalinity and Bicarbonate update each other. More and smaller columns in the listing screen. Rearranged the editor screen.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); $escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c"); $replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b"); $rescapers = array("'"); $rreplacements = array("\\'"); $disallowed = array('visibleindex','uniqueid','boundindex','uid'); // get data and store in a json array $query = "SELECT * FROM profile_mash ORDER BY name"; if (isset($_GET['insert']) || isset($_GET['update'])) { if (isset($_GET['insert'])) { $sql = "INSERT INTO"; } if (isset($_GET['update'])) { $sql = "UPDATE"; } $sql .= " `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $array = $_GET['steps']; foreach($array as $key => $item){ foreach ($disallowed as $disallowed_key) { unset($array[$key]["$disallowed_key"]); } } $sql .= "', steps='" . str_replace($rescapers,$rreplacements,json_encode($array)); if (isset($_GET['insert'])) { $sql .= "';"; } if (isset($_GET['update'])) { $sql .= "' WHERE record='" . $_GET['record'] . "';"; } $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect)); } else { if (isset($_GET['update'])) { syslog(LOG_NOTICE, "db_profile_mash: updated record ".$_GET['record']); } else { $lastid = mysqli_insert_id($connect); syslog(LOG_NOTICE, "db_profile_mash: inserted record ".$lastid); } } echo $result; } else if (isset($_GET['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `profile_mash` WHERE record='".$_GET['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_mash: deleted record ".$_GET['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); $mashprofiles = '['; $comma = FALSE; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { // Manual encode to JSON. if ($comma) { $mashprofiles .= ','; } $comma = TRUE; $mashprofiles .= '{"record":' . $row['record']; $mashprofiles .= ',"name":"' . str_replace($escapers, $replacements, $row['name']); $mashprofiles .= '","notes":"' . str_replace($escapers, $replacements, $row['notes']); $mashprofiles .= '","steps":' . $row['steps']; $mashprofiles .= '}'; } $mashprofiles .= ']'; header("Content-type: application/json"); echo $mashprofiles; } ?>