www/includes/db_profile_mash.php

Mon, 10 Dec 2018 22:20:19 +0100

author
Michiel Broek <mbroek@mbse.eu>
date
Mon, 10 Dec 2018 22:20:19 +0100
changeset 136
bcc4583fd013
parent 120
b28a3d6143bc
child 213
b0d484a5525e
permissions
-rw-r--r--

Fixed estimate FG calculation during recipes import. Added estimate FG calculation in the recipe editor but do not yet update the recipe. Added SVG calculation to the recipes editor. Added calculations for hop aroma and flavour contribution.

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");

#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

$escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c");
$replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
$rescapers = array("'");
$rreplacements = array("\\'");
$disallowed = array('visibleindex','uniqueid','boundindex','uid');

// get data and store in a json array
$query = "SELECT * FROM profile_mash ORDER BY name";
if (isset($_GET['insert']) || isset($_GET['update'])) {
	if (isset($_GET['insert'])) {
		$sql  = "INSERT INTO";
	}
	if (isset($_GET['update'])) {
		$sql  = "UPDATE";
	}
	$sql .= " `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_GET['name']);
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_GET['notes']);
	$array = $_GET['steps'];
	foreach($array as $key => $item){
		foreach ($disallowed as $disallowed_key) {
			unset($array[$key]["$disallowed_key"]);
		}
	}
	$sql .= "', steps='" . str_replace($rescapers,$rreplacements,json_encode($array));
	if (isset($_GET['insert'])) {
		$sql .= "';";
	}
	if (isset($_GET['update'])) {
		$sql .= "' WHERE record='" . $_GET['record'] . "';";
	}
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		if (isset($_GET['update'])) {
			syslog(LOG_NOTICE, "db_profile_mash: updated record ".$_GET['record']);
		} else {
			$lastid = mysqli_insert_id($connect);
			syslog(LOG_NOTICE, "db_profile_mash: inserted record ".$lastid);
		}
	}
	echo $result;

} else if (isset($_GET['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `profile_mash` WHERE record='".$_GET['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_mash: deleted record ".$_GET['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	$mashprofiles = '[';
	$comma = FALSE;
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		// Manual encode to JSON.
		if ($comma) {
			$mashprofiles .= ',';
		}
		$comma = TRUE;
		$mashprofiles .= '{"record":' . $row['record'];
	        $mashprofiles .= ',"name":"'  . str_replace($escapers, $replacements, $row['name']);
		$mashprofiles .= '","notes":"' . str_replace($escapers, $replacements, $row['notes']);
		$mashprofiles .= '","steps":' . $row['steps'];
		$mashprofiles .= '}';
	}
	$mashprofiles .= ']';
	header("Content-type: application/json");
	echo $mashprofiles;
}
?>

mercurial