www/includes/db_inventory_suppliers.php@99a7f2a6976e
www/includes/db_inventory_suppliers.php
Thu, 20 Jun 2019 13:55:12 +0200
- author
- Michiel Broek <mbroek@mbse.eu>
- date
- Thu, 20 Jun 2019 13:55:12 +0200
- changeset 419
- 99a7f2a6976e
- parent 296
- 69fadd1aded2
- child 715
- 8fb922c00a2d
- permissions
- -rw-r--r--
Added packaging volume and add water or liquer to the beer after fermentation. Auto divide changing volumes between bottles and fusts. Upgrade the database in the crontask. Added these fields to the packaging tab screen.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); // get data and store in a json array $query = "SELECT * FROM inventory_suppliers ORDER BY name"; if (isset($_POST['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']); $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']); $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']); $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']); $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']); $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_suppliers: inserted ".$_POST['name']); } echo $result; } else if (isset($_POST['update'])) { // UPDATE COMMAND $sql = "UPDATE `inventory_suppliers` SET name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']); $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']); $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']); $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']); $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']); $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $sql .= "' WHERE record='" . $_POST['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_suppliers: updated record ".$_POST['record']); } echo $result; } else if (isset($_POST['delete'])) { // DELETE COMMAND // FIXME: need to check if the record is in use $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_suppliers: deleted record ".$_POST['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $suppliers[] = array( 'record' => $row['record'], 'name' => $row['name'], 'address' => $row['address'], 'city' => $row['city'], 'zip' => $row['zip'], 'country' => $row['country'], 'website' => $row['website'], 'email' => $row['email'], 'phone' => $row['phone'], 'notes' => $row['notes'] ); } header("Content-type: application/json"); echo json_encode($suppliers); } ?>
