Mercurial > bms / file revision

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");

#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

$escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c");
$replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
$rescapers = array("'");
$rreplacements = array("\\'");
$disallowed = array('visibleindex','uniqueid','boundindex','uid','undefined');

if (isset($_GET['insert']) || isset($_GET['update'])) {
	if (isset($_GET['insert'])) {
		$sql  = "INSERT INTO `profile_fermentation` SET ";
	}
	if (isset($_GET['update'])) {
		$sql  = "UPDATE `profile_fermentation` SET ";
	}

	if (isset($_GET['uuid']) && (strlen($_GET['uuid']) == 36)) {
		$sql .= "uuid='" . $_GET['uuid'];
	} else {
		$uuid = str_replace("\n", "", file_get_contents('/proc/sys/kernel/random/uuid'));
		$sql .= "uuid='" . $uuid;
	}

	$sql .= "', name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', inittemp_lo='" . floatval($_GET['inittemp_lo']);
	$sql .= "', inittemp_hi='" . floatval($_GET['inittemp_hi']);
	($_GET['fridgemode'] == 'true') ? $sql .= "', fridgemode='1" : $sql .= "', fridgemode='0";
	$array = $_GET['steps'];
	// Don't believe given duration and number of steps, recalculate.
	$duration = 0;
	$totalsteps = 0;
	foreach($array as $key => $item) {
		$totalsteps++;
		$duration += $item['steptime'] + $item['resttime'];
		foreach ($disallowed as $disallowed_key) {
			unset($array[$key]["$disallowed_key"]);
		}
	}
	$sql .= "', totalsteps='" . $totalsteps;
	$sql .= "', duration='" . $duration;
//	syslog(LOG_NOTICE, "steps=: ". str_replace($rescapers,$rreplacements,json_encode($array)));
	$sql .= "', steps='" . str_replace($rescapers,$rreplacements,json_encode($array));
	if (isset($_GET['insert'])) {
		$sql .= "';";
	}
	if (isset($_GET['update'])) {
		$sql .= "' WHERE record='" . $_GET['record'] . "';";
	}
	syslog(LOG_NOTICE, $sql);
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_fermentation: ".$sql." result: ".mysqli_error($connect));
	} else {
		if (isset($_GET['update'])) {
			syslog(LOG_NOTICE, "db_profile_fermentation: updated record ".$_GET['record']);
		} else {
			$lastid = mysqli_insert_id($connect);
			syslog(LOG_NOTICE, "db_profile_fermentation: inserted record ".$lastid);
		}
	}
	echo $result;

} else if (isset($_GET['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `profile_fermentation` WHERE record='".$_GET['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_fermentation: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_fermentation: deleted record ".$_GET['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$query = "SELECT * FROM profile_fermentation ORDER BY name;";
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	$profiles = '[';
	$comma = FALSE;
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		// Manual encode to JSON.
		if ($comma) {
			$profiles .= ',';
		}
		$comma = TRUE;
		$profiles .= '{"record":' . $row['record'];
		$profiles .= ',"uuid":"' . $row['uuid'];
		$profiles .= '","name":"'  . str_replace($escapers, $replacements, $row['name']);
		$profiles .= '","inittemp_lo":' . $row['inittemp_lo'];
		$profiles .= ',"inittemp_hi":' . $row['inittemp_hi'];
		$profiles .= ',"fridgemode":' . $row['fridgemode'];
		$profiles .= ',"totalsteps":' . $row['totalsteps'];
		$profiles .= ',"duration":' . $row['duration'];
		$profiles .= ',"steps":' . $row['steps'];
		$profiles .= '}';
	}
	$profiles .= ']';
	syslog(LOG_NOTICE, $profiles);
	header("Content-type: application/json");
	echo $profiles;
}
?>