www/includes/db_profile_styles.php@a9f8de2d7b2b
www/includes/db_profile_styles.php
Tue, 06 Nov 2018 22:55:55 +0100
- author
- Michiel Broek <mbroek@mbse.eu>
- date
- Tue, 06 Nov 2018 22:55:55 +0100
- changeset 77
- a9f8de2d7b2b
- parent 48
- bdd1ec9b9c06
- child 217
- 318aab371497
- permissions
- -rw-r--r--
Fixed most charset problems. Added fpdf library. Added inventory pdf creation.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); // get data and store in a json array $query = "SELECT * FROM profile_styles ORDER BY style_guide,style_letter,name"; if (isset($_GET['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `profile_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); $sql .= "', category_number='" . $_GET['category_number']; $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); $sql .= "', type='" . $_GET['type']; $sql .= "', og_min='" . $_GET['og_min']; $sql .= "', og_max='" . $_GET['og_max']; $sql .= "', fg_min='" . $_GET['fg_min']; $sql .= "', fg_max='" . $_GET['fg_max']; $sql .= "', ibu_min='" . $_GET['ibu_min']; $sql .= "', ibu_max='" . $_GET['ibu_max']; $sql .= "', color_min='" . $_GET['color_min']; $sql .= "', color_max='" . $_GET['color_max']; $sql .= "', carb_min='" . $_GET['carb_min']; $sql .= "', carb_max='" . $_GET['carb_max']; $sql .= "', abv_min='" . $_GET['abv_min']; $sql .= "', abv_max='" . $_GET['abv_max']; $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_styles: inserted ".$_GET['name']); } echo $result; } else if (isset($_GET['update'])) { // UPDATE COMMAND $sql = "UPDATE `profile_styles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', category='" . mysqli_real_escape_string($connect, $_GET['category']); $sql .= "', category_number='" . $_GET['category_number']; $sql .= "', style_letter='" . mysqli_real_escape_string($connect, $_GET['style_letter']); $sql .= "', style_guide='" . mysqli_real_escape_string($connect, $_GET['style_guide']); $sql .= "', type='" . $_GET['type']; $sql .= "', og_min='" . $_GET['og_min']; $sql .= "', og_max='" . $_GET['og_max']; $sql .= "', fg_min='" . $_GET['fg_min']; $sql .= "', fg_max='" . $_GET['fg_max']; $sql .= "', ibu_min='" . $_GET['ibu_min']; $sql .= "', ibu_max='" . $_GET['ibu_max']; $sql .= "', color_min='" . $_GET['color_min']; $sql .= "', color_max='" . $_GET['color_max']; $sql .= "', carb_min='" . $_GET['carb_min']; $sql .= "', carb_max='" . $_GET['carb_max']; $sql .= "', abv_min='" . $_GET['abv_min']; $sql .= "', abv_max='" . $_GET['abv_max']; $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $sql .= "', profile='" . mysqli_real_escape_string($connect, $_GET['profile']); $sql .= "', ingredients='" . mysqli_real_escape_string($connect, $_GET['ingredients']); $sql .= "', examples='" . mysqli_real_escape_string($connect, $_GET['examples']); $sql .= "' WHERE record='" . $_GET['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_styles: updated record ".$_GET['record']); } echo $result; } else if (isset($_GET['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `profile_styles` WHERE record='".$_GET['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_profile_styles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_profile_styles: deleted record ".$_GET['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $styles[] = array( 'record' => $row['record'], 'name' => $row['name'], 'category' => $row['category'], 'category_number' => $row['category_number'], 'style_letter' => $row['style_letter'], 'style_guide' => $row['style_guide'], 'type' => $row['type'], 'og_min' => $row['og_min'], 'og_max' => $row['og_max'], 'fg_min' => $row['fg_min'], 'fg_max' => $row['fg_max'], 'ibu_min' => $row['ibu_min'], 'ibu_max' => $row['ibu_max'], 'color_min' => $row['color_min'], 'color_max' => $row['color_max'], 'carb_min' => $row['carb_min'], 'carb_max' => $row['carb_max'], 'abv_min' => $row['abv_min'], 'abv_max' => $row['abv_max'], 'notes' => $row['notes'], 'profile' => $row['profile'], 'ingredients' => $row['ingredients'], 'examples' => $row['examples'] ); } echo json_encode($styles); } ?>
