Mercurial > bms / file revision

www/includes/db_profile_mash.php@dfc850e6ee1f

www/includes/db_profile_mash.php

Tue, 10 Dec 2019 20:11:37 +0100

author
Michiel Broek <mbroek@mbse.eu>
date
Tue, 10 Dec 2019 20:11:37 +0100
changeset 565
dfc850e6ee1f
parent 215
83cee005d2d9
child 716
57118e6a4bdb
permissions
-rw-r--r--

Fix upgrade of the yeast data in products and recipes if the original yeast is not found. Export product or recipe for forum is now coded in forum format and copied to the clipboard ready to paste on a forum.

<?php

require($_SERVER['DOCUMENT_ROOT']."/config.php");
require($_SERVER['DOCUMENT_ROOT']."/version.php");

#Connect to the database
$connect = mysqli_connect(DBASE_HOST, DBASE_USER, DBASE_PASS, DBASE_NAME);
if (! $connect) {
	die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
mysqli_set_charset($connect, "utf8" );

$escapers = array("\\", "/", "\"", "\n", "\r", "\t", "\x08", "\x0c");
$replacements = array("\\\\", "\\/", "\\\"", "\\n", "\\r", "\\t", "\\f", "\\b");
$rescapers = array("'");
$rreplacements = array("\\'");
$disallowed = array('visibleindex','uniqueid','boundindex','uid');

if (isset($_POST['insert']) || isset($_POST['update'])) {
	if (isset($_POST['insert'])) {
		$sql  = "INSERT INTO";
	}
	if (isset($_POST['update'])) {
		$sql  = "UPDATE";
	}
	$sql .= " `profile_mash` SET name='" . mysqli_real_escape_string($connect, $_POST['name']);
	$sql .= "', notes='" . mysqli_real_escape_string($connect, $_POST['notes']);
	$array = $_POST['steps'];
	$comma = FALSE;
	$steps = '[';
	foreach($array as $key => $item) {
		/*
		 * Manual encode to json. This eliminates the wrong UTF-8 encodings
		 * but also removes the unwanted fields.
		 */
		if ($comma)
			$steps.= ',';
		$steps .= '{"step_name":"' . str_replace($rescapers,$rreplacements,$item['step_name']);
		$steps .= '","step_type":' . $item['step_type'];
		$steps .= ',"step_temp":' . $item['step_temp'];
		$steps .= ',"end_temp":' . $item['end_temp'];
		$steps .= ',"step_time":' . $item['step_time'];
		$steps .= ',"ramp_time":' . $item['ramp_time'] . '}';
		$comma = TRUE;
	}
	$steps .= ']';
	$sql .= "', steps='" . $steps;
	if (isset($_POST['insert'])) {
		$sql .= "';";
	}
	if (isset($_POST['update'])) {
		$sql .= "' WHERE record='" . $_POST['record'] . "';";
	}
	syslog(LOG_NOTICE, $sql);

	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		if (isset($_POST['update'])) {
			syslog(LOG_NOTICE, "db_profile_mash: updated record ".$_POST['record']);
		} else {
			$lastid = mysqli_insert_id($connect);
			syslog(LOG_NOTICE, "db_profile_mash: inserted record ".$lastid);
		}
	}
	echo $result;

} else if (isset($_POST['delete'])) {
	// DELETE COMMAND
	$sql = "DELETE FROM `profile_mash` WHERE record='".$_POST['record']."';";
	$result = mysqli_query($connect, $sql);
	if (! $result) {
		syslog(LOG_NOTICE, "db_profile_mash: ".$sql." result: ".mysqli_error($connect));
	} else {
		syslog(LOG_NOTICE, "db_profile_mash: deleted record ".$_POST['record']);
	}
	echo $result;

} else {
	// SELECT COMMAND
	$query = "SELECT * FROM profile_mash ORDER BY name";
	$result = mysqli_query($connect, $query) or die("SQL Error 1: " . mysqli_error($connect));
	$mashprofiles = '[';
	$comma = FALSE;
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
		// Manual encode to JSON.
		if ($comma) {
			$mashprofiles .= ',';
		}
		$comma = TRUE;
		$mashprofiles .= '{"record":' . $row['record'];
	        $mashprofiles .= ',"name":"'  . str_replace($escapers, $replacements, $row['name']);
		$mashprofiles .= '","notes":"' . str_replace($escapers, $replacements, $row['notes']);
		$mashprofiles .= '","steps":' . $row['steps'];
		$mashprofiles .= '}';
	}
	$mashprofiles .= ']';
	header("Content-type: application/json");
	echo $mashprofiles;
}
?>

Mercurial Repository: bms

mercurial