Mercurial > bms / file revision

www/includes/db_profile_mash.php@6470e5c6a001

www/includes/db_profile_mash.php

Sat, 19 Jan 2019 12:05:37 +0100

author
Michiel Broek <mbroek@mbse.eu>
date
Sat, 19 Jan 2019 12:05:37 +0100
changeset 189
6470e5c6a001
parent 120
b28a3d6143bc
child 213
b0d484a5525e
permissions
-rw-r--r--

In bmsd added missing json percent. The Makefile didn't install the fpdf library. Added profile commands. Small changes to the monitor fermenters screen. The monitor fermenters scheduler is now more responsive. Profiles selection and commands in the remote thermferm.

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");

#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

$escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c");
$replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
$rescapers = array("'");
$rreplacements = array("\\'");
$disallowed = array('visibleindex','uniqueid','boundindex','uid');

// get data and store in a json array
$query = "SELECT * FROM profile_mash ORDER BY name";
if (isset($_GET['insert']) || isset($_GET['update'])) {
	if (isset($_GET['insert'])) {
		$sql  = "INSERT INTO";
	}
	if (isset($_GET['update'])) {
		$sql  = "UPDATE";
	}
	$sql .= " `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
	$array = $_GET['steps'];
	foreach($array as $key => $item){
		foreach ($disallowed as $disallowed_key) {
			unset($array[$key]["$disallowed_key"]);
		}
	}
	$sql .= "', steps='" . str_replace($rescapers,$rreplacements,json_encode($array));
	if (isset($_GET['insert'])) {
		$sql .= "';";
	}
	if (isset($_GET['update'])) {
		$sql .= "' WHERE record='" . $_GET['record'] . "';";
	}
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		if (isset($_GET['update'])) {
			syslog(LOG_NOTICE, "db_profile_mash: updated record ".$_GET['record']);
		} else {
			$lastid = mysqli_insert_id($connect);
			syslog(LOG_NOTICE, "db_profile_mash: inserted record ".$lastid);
		}
	}
	echo $result;

} else if (isset($_GET['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `profile_mash` WHERE record='".$_GET['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_mash: deleted record ".$_GET['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	$mashprofiles = '[';
	$comma = FALSE;
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		// Manual encode to JSON.
		if ($comma) {
			$mashprofiles .= ',';
		}
		$comma = TRUE;
		$mashprofiles .= '{"record":' . $row['record'];
	        $mashprofiles .= ',"name":"'  . str_replace($escapers, $replacements, $row['name']);
		$mashprofiles .= '","notes":"' . str_replace($escapers, $replacements, $row['notes']);
		$mashprofiles .= '","steps":' . $row['steps'];
		$mashprofiles .= '}';
	}
	$mashprofiles .= ']';
	header("Content-type: application/json");
	echo $mashprofiles;
}
?>

Mercurial Repository: bms

mercurial