Mercurial > bms / file revision

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");

#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

// get data and store in a json array
$query = "SELECT * FROM inventory_yeasts ORDER BY laboratory,product_id,name";
if (isset($_GET['insert'])) {
	// INSERT COMMAND
	$sql  = "INSERT INTO `inventory_yeasts` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', type='" . $_GET['type'];
	$sql .= "', form='" . $_GET['form'];
	$sql .= "', laboratory='" . mysqli_real_escape_string($connect, $_GET['laboratory']);
	$sql .= "', product_id='" . mysqli_real_escape_string($connect, $_GET['product_id']);
	$sql .= "', min_temperature='" . $_GET['min_temperature'];
	$sql .= "', max_temperature='" . $_GET['max_temperature'];
	$sql .= "', flocculation='" . $_GET['flocculation'];
	$sql .= "', attenuation='" . $_GET['attenuation'];
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
	$sql .= "', best_for='" . mysqli_real_escape_string($connect, $_GET['best_for']);
	$sql .= "', max_reuse='" . $_GET['max_reuse'];
	$sql .= "', inventory='" . floatval($_GET['inventory']) / 1000.0;
	$sql .= "', cost='" . $_GET['cost'];
	$sql .= "', production_date='" . $_GET['production_date'];
	$sql .= "', tht_date='" . $_GET['tht_date'];
	$sql .= "';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_inventory_yeasts: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_inventory_yeasts: inserted ".$_GET['name']);
	}
	echo $result;

} else if (isset($_GET['update'])) {
	// UPDATE COMMAND
	$sql  = "UPDATE `inventory_yeasts` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', type='" . $_GET['type'];
	$sql .= "', form='" . $_GET['form'];
	$sql .= "', laboratory='" . mysqli_real_escape_string($connect, $_GET['laboratory']);
	$sql .= "', product_id='" . mysqli_real_escape_string($connect, $_GET['product_id']);
	$sql .= "', min_temperature='" . $_GET['min_temperature'];
	$sql .= "', max_temperature='" . $_GET['max_temperature'];
	$sql .= "', flocculation='" . $_GET['flocculation'];
	$sql .= "', attenuation='" . $_GET['attenuation'];
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
	$sql .= "', best_for='" . mysqli_real_escape_string($connect, $_GET['best_for']);
	$sql .= "', max_reuse='" . $_GET['max_reuse'];
	$sql .= "', inventory='" . floatval($_GET['inventory']) / 1000.0;
	$sql .= "', cost='" . $_GET['cost'];
	$sql .= "', production_date='" . $_GET['production_date'];
	$sql .= "', tht_date='" . $_GET['tht_date'];
	$sql .= "' WHERE record='" . $_GET['record'] . "';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_inventory_yeasts: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_inventory_yeasts: updated record ".$_GET['record']);
	}
	echo $result;

} else if (isset($_GET['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `inventory_yeasts` WHERE record='".$_GET['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_inventory_yeasts: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_inventory_yeasts: deleted record ".$_GET['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		$yeasts[] = array(
			'record' => $row['record'],
			'name' => $row['name'],
			'type' => $row['type'],
			'form' => $row['form'],
			'laboratory' => $row['laboratory'],
			'product_id' => $row['product_id'],
			'min_temperature' => $row['min_temperature'],
			'max_temperature' => $row['max_temperature'],
			'flocculation' => $row['flocculation'],
			'attenuation' => $row['attenuation'],
			'notes' => $row['notes'],
			'best_for' => $row['best_for'],
			'max_reuse' => $row['max_reuse'],
			'inventory' => floatval($row['inventory']) * 1000.0,
			'cost' => $row['cost'],
			'production_date' => $row['production_date'],
			'tht_date' => $row['tht_date']
		);
	}
	echo json_encode($yeasts);
}
?>