Exemplo n.º 1
        $id = getGetParam("id");
        $userId = getGetParam("userId");
        $name = getGetParam("name");
        $numServings = getGetParam("numServings");
        $notes = ereg_replace("\n", "|NL|", getGetParam("notes"));
        $query = "UPDATE " . $recipeTable . " SET userId=" . $userId . ", name='" . $name . "', numServings=" . $numServings . ", notes='" . $notes . "'";
        $query .= " WHERE id=" . $id;
        $isUpdate = true;
        //echo(str_replace("$1", $query, $genMessage));
        //return;
        break;
    case "insertRecipe":
        $userId = getGetParam("userId");
        $name = getGetParam("name");
        $numServings = getGetParam("numServings");
        $notes = ereg_replace("\n", "|", getGetParam("notes"));
        $query = "INSERT INTO " . $recipeTable . " (userId, name, numServings, notes) VALUES (" . $userId . ", '" . $name . "', '" . $numServings . "', '" . $notes . "')";
        $isInsert = true;
        break;
    default:
        echo str_replace("\$1", $queryType, $errorQueryType);
        return;
}
/*
	Send the assembled statement to the database; on failure report it and stop.

	NOTE(review): $query was built above by concatenating request values into
	the SQL text, so whatever the client sent is executed here as part of the
	statement. Binding the values with $conn->prepare() / bind_param() is the
	fix, and it has to be made where the statement is built.
*/
$result = $conn->query($query);
if (!$result) {
    // NOTE(review): the driver's error text is returned to the caller verbatim
    // and can reveal table and column names; consider logging it server-side
    // and sending a generic message instead.
    $failureText = str_replace("\$1", $conn->error, $errMessage);
    echo $failureText;
    return;
}
Exemplo n.º 2
<?php

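// NOTE(review): "*" lets script running on any origin read this endpoint's
// responses. If the API serves a single front end, name that origin instead.
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
// NOTE(review): the connection settings are literals in the source (the values
// shown on the page are placeholders). Real ones belong in configuration kept
// outside the web root and outside version control.
$conn = new mysqli("server", "username", "password", "database");
// Name of the requested operation. A missing or non-string "query" value
// becomes "" so the switch below takes its default branch instead of raising
// an undefined-index notice or handing an array to htmlspecialchars().
$queryType = (isset($_GET["query"]) && is_string($_GET["query"]))
    ? htmlspecialchars($_GET["query"])
    : "";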
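/**
 * Read one value from the query string and HTML-encode it.
 *
 * htmlspecialchars() encodes for HTML output. It is not SQL escaping: it
 * leaves backslashes untouched, leaves single quotes untouched under the
 * default flags before PHP 8.1, and does nothing for a value that is placed
 * in SQL without quotes. Callers that build SQL from the result must bind it
 * as a statement parameter rather than concatenate it.
 *
 * @param string $param Name of the query-string key.
 * @return string The encoded value, or "" when the key is absent or its value
 *                is not a string (for example "key[]=x").
 */
function getGetParam($param)
{
    // Absent keys used to raise an undefined-index notice and array values a
    // warning; both now yield the same empty string without the diagnostics.
    if (!isset($_GET[$param]) || !is_string($_GET[$param])) {
        return "";
    }
    return htmlspecialchars($_GET[$param]);
}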
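// Build the reply text for the requested operation.
$msg = "";
switch ($queryType) {
    case "adam":
        // str_replace() performs the same literal newline-to-pipe swap;
        // ereg_replace() was removed in PHP 7 and is a fatal error there.
        $msg = str_replace("\n", "|", getGetParam("test"));
        $msg .= "\r\n\r\n" . urlencode(str_replace("|", "\n", "one|two|three"));
        break;
    default:
        $msg = "nobody knows the trouble i'm in...";
}
// The response is declared as application/json, so let json_encode() add the
// quotes and escape CR/LF, backslashes and quotes. Wrapping the text in quotes
// by hand left raw control characters and client-supplied backslashes inside
// the string, which is not valid JSON.
echo json_encode($msg);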
Exemplo n.º 3
            $query .= ", gramsPerCup=" . $gramsPerCup;
        } else {
            $query .= ", gramsPerCup=NULL";
        }
        $query .= " WHERE id=" . $id;
        $isUpdate = true;
        break;
    case "deleteIngredient":
        $id = getGetParam("id");
        $query = "DELETE FROM " . $ingredientTable . " WHERE id=" . $id;
        $isDelete = true;
        break;
    case "insertIngredient":
        $name = getGetParam("name");
        $measureType = getGetParam("measureType");
        $gramsPerCup = $measureType === "weight" ? getGetParam("gramsPerCup") : NULL;
        $query = "INSERT INTO " . $ingredientTable . " (name, measureType, gramsPerCup) VALUES ('" . $name . "', '" . $measureType . "'";
        if (!is_null($gramsPerCup)) {
            $query .= ", " . $gramsPerCup . ")";
        } else {
            $query .= ", NULL)";
        }
        $isInsert = true;
        //echo(str_replace("$1", $query, $genMessage));
        //return;
        break;
    default:
        echo str_replace("\$1", $queryType, $errorQueryType);
        return;
}
/*
Exemplo n.º 4
	Set up the connection to the database
*/
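// NOTE(review): the connection settings are literals in the source (the values
// shown on the page are placeholders). Real ones belong in configuration kept
// outside the web root and outside version control.
$conn = new mysqli("server", "username", "password", "database");
/*
	Build the query
*/
$query = "";
$queryType = getGetParam("query");
$isSelect = false;
$isUpdate = false;
$isInsert = false;
$isDelete = false;
switch ($queryType) {
    case "login":
        // NOTE(review): the credentials arrive in the URL query string, where
        // they are recorded in access logs and browser history; a request
        // body is the usual place for them.
        $username = getGetParam("username");
        $password = getGetParam("password");
        // The page shows both comparison values masked as '******'. They are
        // sent as bound parameters here, so the SQL text stays fixed and the
        // client-supplied values are never parsed as SQL.
        // NOTE(review): matching the password inside the query suggests it is
        // not stored as a password_hash() digest - confirm against the schema.
        $query = "SELECT id, username, isAdmin FROM " . $table . " WHERE username = ? AND password = ?";
        $isSelect = true;
        break;
    default:
        echo str_replace("\$1", $queryType, $errorQueryType);
        return;
}
/*
	Execute the query
*/
// $result stays false when preparing, binding or executing fails, which is
// what query() returned on failure.
$result = false;
$stmt = $conn->prepare($query);
if ($stmt && $stmt->bind_param("ss", $username, $password) && $stmt->execute()) {
    // get_result() needs the mysqlnd driver and yields a mysqli_result, the
    // same type query() returned for a SELECT.
    $result = $stmt->get_result();
}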
/*
	Build out the data as JSON and echo it back
*/
if ($isSelect) {
        $storeId = getGetParam("storeId");
        $quantity = getGetParam("quantity");
        $quantityType = getGetParam("quantityType");
        $cost = getGetParam("cost");
        $isOrganic = getGetParam("isOrganic");
        $query = "UPDATE " . $table . " SET ingredientId=" . $ingredientId . ", storeId=" . $storeId . ", quantity=" . $quantity . ", quantityType='" . $quantityType . "', cost=" . $cost . ", isOrganic=" . $isOrganic;
        $query .= " WHERE id=" . $id;
        $isUpdate = true;
        break;
    case "insertStoreIngredient":
        $ingredientId = getGetParam("ingredientId");
        $storeId = getGetParam("storeId");
        $quantity = getGetParam("quantity");
        $quantityType = getGetParam("quantityType");
        $cost = getGetParam("cost");
        $isOrganic = getGetParam("isOrganic");
        $query = "INSERT INTO " . $table . " (ingredientId, storeId, quantity, quantityType, cost, isOrganic)";
        $query .= " VALUES (" . $ingredientId . ", " . $storeId . ", " . $quantity . ", '" . $quantityType . "', " . $cost . ", " . $isOrganic . ")";
        $isInsert = true;
        break;
    default:
        echo str_replace("\$1", $queryType, $errorQueryType);
        return;
}
/*
	Execute the query
*/
$result = $conn->query($query);
if (!$result) {
    echo str_replace("\$1", $conn->error, $errMessage);
    return;
    case "getAllRecipeIngredients":
        $recipeId = getGetParam("recipeId");
        $query = "SELECT t1.id, t1.ingredientId, t2.name, t2.gramsPerCup, t1.recipeId, t1.storeIngredientId, t3.quantity, t3.quantityType, t3.cost, t1.wholeAmount, t1.partialAmount, t1.measurementType";
        $query .= " FROM " . $table . " t1";
        $query .= " LEFT JOIN pmr_ingredient t2 ON t2.id = t1.ingredientId";
        $query .= " LEFT JOIN pmr_store_ingredient t3 ON t3.id = t1.storeIngredientId";
        $query .= " WHERE t1.recipeId = " . $recipeId;
        $isSelect = true;
        break;
    case "insertRecipeIngredient":
        $ingredientId = getGetParam("ingredientId");
        $recipeId = getGetParam("recipeId");
        $storeIngredientId = getGetParam("storeIngredientId");
        $wholeAmount = getGetParam("wholeAmount");
        $partialAmount = getGetParam("partialAmount");
        $measurementType = getGetParam("measurementType");
        $query = "INSERT INTO " . $table . " (ingredientId, recipeId, storeIngredientId, wholeAmount, partialAmount, measurementType)";
        $query .= " VALUES (" . $ingredientId . ", " . $recipeId . ", " . $storeIngredientId . ", " . $wholeAmount . ", '" . $partialAmount . "', '" . $measurementType . "')";
        $isInsert = true;
        break;
    default:
        echo str_replace("\$1", $queryType, $errorQueryType);
        return;
}
/*
	Execute the query
*/
$result = $conn->query($query);
if (!$result) {
    echo str_replace("\$1", $conn->error, $errMessage);
    return;