www/includes/db_inventory_mash_profiles.php@b7d44c98d609
www/includes/db_inventory_mash_profiles.php
Mon, 27 Aug 2018 22:58:20 +0200
- author
- Michiel Broek <mbroek@mbse.eu>
- date
- Mon, 27 Aug 2018 22:58:20 +0200
- changeset 38
- b7d44c98d609
- parent 25
- d9da6c40dff5
- permissions
- -rw-r--r--
Initial setup for mash steps editing.
<?php require($_SERVER['DOCUMENT_ROOT']."/config.php"); require($_SERVER['DOCUMENT_ROOT']."/version.php"); #Connect to the database $connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME); if (! $connect) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } // get data and store in a json array $query = "SELECT * FROM inventory_mash_profiles ORDER BY name"; if (isset($_GET['insert'])) { // INSERT COMMAND $sql = "INSERT INTO `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $sql .= "', steps='" . json_encode($_GET['steps']); $sql .= "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_mash_profiles: inserted ".$_GET['name']); } echo $result; } else if (isset($_GET['update'])) { // UPDATE COMMAND $sql = "UPDATE `inventory_mash_profiles` SET name='" . mysqli_real_escape_string($connect, $_GET['name']); $sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']); $sql .= "', steps='" . json_encode($_GET['steps']); $sql .= "' WHERE record='" . $_GET['record'] . "';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_mash_profiles: updated record ".$_GET['record']); } echo $result; } else if (isset($_GET['delete'])) { // DELETE COMMAND $sql = "DELETE FROM `inventory_mash_profiles` WHERE record='".$_GET['record']."';"; $result = mysqli_query($connect, $sql); if (! $result) { syslog(LOG_NOTICE, "db_inventory_mash_profiles: ".$sql." result: ".mysqli_error($connect)); } else { syslog(LOG_NOTICE, "db_inventory_mash_profiles: deleted record ".$_GET['record']); } echo $result; } else { // SELECT COMMAND $result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect)); $mashprofiles = '['; $comma = FALSE; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { // Manual encode to JSON. if ($comma) { $mashprofiles .= ','; } $comma = TRUE; $mashprofiles .= '{"record":' . $row['record']; $mashprofiles .= ',"name":"' . $row['name']; $mashprofiles .= '","notes":"' . $row['notes']; $mashprofiles .= '","steps":' . $row['steps']; $mashprofiles .= '}'; } $mashprofiles .= ']'; header("Content-type: application/json"); echo $mashprofiles; } ?>
