Mercurial > bms / file revision

www/includes/db_profile_mash.php@ac993ef43b13

www/includes/db_profile_mash.php

Fri, 30 Nov 2018 17:40:39 +0100

author
Michiel Broek <mbroek@mbse.eu>
date
Fri, 30 Nov 2018 17:40:39 +0100
changeset 116
ac993ef43b13
parent 77
a9f8de2d7b2b
child 120
b28a3d6143bc
permissions
-rw-r--r--

Removed all calculations from the equipemnts database script and added missing fields. Added missing fields to the inventory equipemnts edit screen. Added conditional batch size calculation to the equipments editor. Added specific heat settings to the equipments editor.

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");

#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

$escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c");
$replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");

// get data and store in a json array
$query = "SELECT * FROM profile_mash ORDER BY name";
if (isset($_GET['insert'])) {
	// INSERT COMMAND
	$sql  = "INSERT INTO `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
	$sql .= "', steps='" . json_encode($_GET['steps']);
	$sql .= "';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_mash: inserted ".$_GET['name']);
	}
	echo $result;

} else if (isset($_GET['update'])) {
	// UPDATE COMMAND
	$sql  = "UPDATE `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
	$sql .= "', steps='" . json_encode($_GET['steps']);
	$sql .= "' WHERE record='" . $_GET['record'] . "';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_mash: updated record ".$_GET['record']);
	}
	echo $result;

} else if (isset($_GET['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `profile_mash` WHERE record='".$_GET['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_mash: deleted record ".$_GET['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	$mashprofiles = '[';
	$comma = FALSE;
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		// Manual encode to JSON.
		if ($comma) {
			$mashprofiles .= ',';
		}
		$comma = TRUE;
		$mashprofiles .= '{"record":' . $row['record'];
	        $mashprofiles .= ',"name":"'  . str_replace($escapers, $replacements, $row['name']);
		$mashprofiles .= '","notes":"' . str_replace($escapers, $replacements, $row['notes']);
		$mashprofiles .= '","steps":' . $row['steps'];
		$mashprofiles .= '}';
	}
	$mashprofiles .= ']';
	header("Content-type: application/json");
	echo $mashprofiles;
}
?>

Mercurial Repository: bms

mercurial