www/includes/db_inventory_suppliers.php@aa79acfdf8a9
www/includes/db_inventory_suppliers.php
Thu, 10 Feb 2022 22:15:10 +0100
- author
- Michiel Broek <mbroek@mbse.eu>
- date
- Thu, 10 Feb 2022 22:15:10 +0100
- changeset 785
- aa79acfdf8a9
- parent 767
- 08c0343b622b
- permissions
- -rw-r--r--
Added uuid field in inventory equipments, fermentables, hops, miscs, suppliers, water and yeasts. Added uuid field in profiles mash, styles and water.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } mysqli_set_charset($connect, "utf8" ); $response = array( 'error' => false, 'msg' => 'Ok', ); // get data and store in a json array $query = "SELECT * FROM inventory_suppliers ORDER BY name"; if (isset($_POST['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `inventory_suppliers` SET "; if (isset($_POST['uuid']) && (strlen($_POST['uuid']) == 36)) { $sql .= "uuid='" . $_POST['uuid']; } else { $uuid = str_replace("\n", "", file_get_contents('/proc/sys/kernel/random/uuid')); $sql .= "uuid='" . $uuid; } $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']); $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']); $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']); $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']); $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']); $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); $response['error'] = true; $response['msg'] = "SQL fout: ".mysqli_error($connect); } exit(json_encode($response)); } else if (isset($_POST['update'])) { // UPDATE COMMAND $sql = "UPDATE `inventory_suppliers` SET uuid='" . $_POST['uuid']; $sql .= "', name='" . mysqli_real_escape_string($connect, $_POST['name']); $sql .= "', address='" . mysqli_real_escape_string($connect, $_POST['address']); $sql .= "', city='" . mysqli_real_escape_string($connect, $_POST['city']); $sql .= "', zip='" . mysqli_real_escape_string($connect, $_POST['zip']); $sql .= "', country='" . mysqli_real_escape_string($connect, $_POST['country']); $sql .= "', website='" . mysqli_real_escape_string($connect, $_POST['website']); $sql .= "', email='" . mysqli_real_escape_string($connect, $_POST['email']); $sql .= "', phone='" . mysqli_real_escape_string($connect, $_POST['phone']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']); $sql .= "' WHERE record='" . $_POST['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); $response['error'] = true; $response['msg'] = "SQL fout: ".mysqli_error($connect); } exit(json_encode($response)); } else if (isset($_POST['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `inventory_suppliers` WHERE record='".$_POST['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_suppliers: ".$sql." result: ".mysqli_error($connect)); $response['error'] = true; $response['msg'] = "SQL fout: ".mysqli_error($connect); } exit(json_encode($response)); } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $suppliers[] = array( 'record' => $row['record'], 'uuid' => $row['uuid'], 'name' => $row['name'], 'address' => $row['address'], 'city' => $row['city'], 'zip' => $row['zip'], 'country' => $row['country'], 'website' => $row['website'], 'email' => $row['email'], 'phone' => $row['phone'], 'notes' => $row['notes'] ); } header("Content-type: application/json"); exit(json_encode($suppliers)); } syslog(LOG_NOTICE, "db_inventory_suppliers: missing arguments"); $response['error'] = true; $response['msg'] = "missing arguments"; echo json_encode($response); ?>
