stoat/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix php

Browse Source
This commit is contained in:
John Peck
2025-11-29 09:35:18 +00:00
parent c1667681e7
commit 1c2d8a3b6d
8 changed files with 351 additions and 382 deletions
Download Patch File Download Diff File Expand all files Collapse all files

144
lsr.php
View File

@@ -4,10 +4,6 @@ $dbconn = pg_connect("host=localhost dbname=nws user=nws password=nws")
or die('Could not connect: ' . pg_last_error());
if (isset($_GET['ohgo'])) {
$query = "SELECT jsonb_build_object(
'type', 'FeatureCollection',
@@ -56,8 +52,6 @@ if (isset($_GET['ohgo'])) {
}
if (isset($_GET['ohgotable'])) {
// Performing SQL query
$query = "SELECT CASE WHEN COALESCE(lsr, FALSE) THEN 'true' ELSE 'false' END AS lsr,
@@ -84,18 +78,15 @@ ORDER BY start ASC
// Free resultset
pg_free_result($result);
// Closing connection (uncomment if needed)
// pg_close($dbconn);
}
if (isset($_GET['lsrohgo'])) {
if ($_GET['lsrohgo'] == 'true') {
$lsrflag = 'true';
} else {
$lsrflag = 'false';
}
$lsrflag = 'true';
} else {
$lsrflag = 'false';
}
$id = (int) $_GET['id'];
$query = "UPDATE ohgo SET lsr = $1 WHERE id = $2";
$result = pg_query_params($dbconn, $query, array($lsrflag, $id)) or die('Query failed: ' . pg_last_error());
@@ -105,10 +96,10 @@ if (isset($_GET['lsrohgo'])) {
if (isset($_GET['ohgohide'])) {
if ($_GET['ohgohide'] == 'true') {
$lsrflag = 'true';
} else {
$lsrflag = 'false';
}
$lsrflag = 'true';
} else {
$lsrflag = 'false';
}
$id = (int) $_GET['id'];
$query = "UPDATE ohgo SET hide = $1 WHERE id = $2";
$result = pg_query_params($dbconn, $query, array($lsrflag, $id)) or die('Query failed: ' . pg_last_error());
@@ -169,11 +160,11 @@ if (isset($_GET['preflagreports'])) {
$vtec = $_GET['preflagreports'];
$query = "SELECT * from reports WHERE severe = $1";
$result = pg_query_params($dbconn, $query, array($vtec)) or die('Query failed: ' . pg_last_error());
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
$array[] = $line;
}
echo json_encode($array);
echo json_encode($array);
pg_free_result($result);
}
@@ -183,20 +174,20 @@ if (isset($_GET['preflagreports'])) {
if (isset($_GET['reports'])) {
$vtec = $_GET['reports'];
if (isset($_GET['hours'])) {
$hours = $_GET['hours'];
} else {
$hours = 6;
}
//echo $hours;
$hours = $_GET['hours'];
} else {
$hours = 6;
}
//echo $hours;
$query = "SELECT * from reports,svr where ST_Contains(svr.nwspoly, reports.geom) and vtec = $1 and reports.initialdtg AT TIME ZONE 'America/New_York' > svr.issue AND reports.initialdtg AT TIME ZONE 'America/New_York' < svr.issue + (INTERVAL '1 h' * $2)";
$result = pg_query_params($dbconn, $query, array($vtec,$hours)) or die('Query failed: ' . pg_last_error());
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
$array[] = $line;
}
echo json_encode($array);
echo json_encode($array);
pg_free_result($result);
}
@@ -206,30 +197,24 @@ if (isset($_GET['hours'])) {
if (isset($_GET['outages'])) {
$vtec = $_GET['outages'];
if (isset($_GET['hours'])) {
$hours = $_GET['hours'];
} else {
$hours = 1;
}
//echo $hours;
$hours = $_GET['hours'];
} else {
$hours = 1;
}
//echo $hours;
$query = "SELECT power.lat,power.lon,power.peakoutage,power.cause,power.derivedstart,power.lastchange from power,svr where ST_Contains(svr.nwspoly, power.realgeom) and vtec = $1 and derivedstart > svr.issue AND derivedstart < svr.issue + (INTERVAL '1 h' * $2)";
$result = pg_query_params($dbconn, $query, array($vtec,$hours)) or die('Query failed: ' . pg_last_error());
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
$array[] = $line;
}
echo json_encode($array);
echo json_encode($array);
pg_free_result($result);
}
//no gets, curent point outage info
if(empty($_GET)) {
$result = pg_query_params($dbconn,
@@ -241,15 +226,6 @@ pg_free_result($result);
}
//For real time mapping
if($_GET['verify'] ?? null) {
@@ -318,9 +294,6 @@ pg_free_result($result);
}
//Stats
if (isset($_GET['stats'])) {
$query = "SELECT county, state, MAX(emailtime), count(*) FROM reports where county is not null and (state = 'WV' or state = 'VA' or state = 'KY' or state = 'OH') GROUP BY county, state";
@@ -340,27 +313,25 @@ pg_free_result($result);
if (isset($_GET['metars'])) {
if (isset($_GET['start'])) {
$start = $_GET['start'];
}
$start = $_GET['start'];
}
if (isset($_GET['end'])) {
$end = $_GET['end'];
}
$end = $_GET['end'];
}
$query = "SELECT icao,temp,dewp,wx,precip1,precip3,precip6,raw,obtime,stationname,lat,lon from metars where obtime - interval '45 minutes' > $1 and obtime < $2 order by lon asc";
$result = pg_query_params($dbconn, $query, array($start,$end)) or die('Query failed: ' . pg_last_error());
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
$array[] = $line;
} //echo($array);
echo json_encode($array);
echo json_encode($array);
pg_free_result($result);
}
if (isset($_GET['news'])) {
//$query = "SELECT headline, summary, imageurl, source, storylink, updated from news where notrelevant is not true";
$query = "
@@ -469,7 +440,7 @@ if (isset($_GET['news3'])) {
}
// --- FIXED SECTION: newsarchive ---
if (isset($_GET['newsarchive'])) {
// Initialize variables
$start = isset($_GET['start']) ? $_GET['start'] : null;
@@ -492,7 +463,8 @@ if (isset($_GET['newsarchive'])) {
// Build parameter placeholders
$placeholders = [];
for ($i = 1; $i <= count($patterns); $i++) {
$placeholders[] = "\${$i}::text";
// FIXED: Use concatenation to create "$1::text"
$placeholders[] = '$' . $i . '::text';
}
$placeholder_string = implode(',', $placeholders);
@@ -514,12 +486,14 @@ if (isset($_GET['newsarchive'])) {
$param_count = count($patterns);
if ($start) {
$param_count++;
$query .= " AND timeutc >= $${param_count}";
// FIXED: Use concatenation instead of deprecated interpolation
$query .= " AND timeutc >= $" . $param_count;
$params[] = $start;
}
if ($end) {
$param_count++;
$query .= " AND timeutc <= $${param_count}";
// FIXED: Use concatenation instead of deprecated interpolation
$query .= " AND timeutc <= $" . $param_count;
$params[] = $end;
}
@@ -537,8 +511,6 @@ if (isset($_GET['newsarchive'])) {
}
if (isset($_GET['wv511'])) {
$query = "SELECT jsonb_build_object(
'type', 'FeatureCollection',
@@ -588,7 +560,6 @@ if (isset($_GET['wv511'])) {
}
if (isset($_GET['ky511'])) {
$query = "SELECT jsonb_build_object(
'type', 'FeatureCollection',
@@ -637,7 +608,6 @@ if (isset($_GET['ky511'])) {
}
if (isset($_GET['getCombinedTable'])) {
// Combined SQL query using UNION ALL with CAST for 'id'
@@ -692,7 +662,7 @@ if (isset($_GET['getCombinedTable'])) {
wv511.name !~ 'Vehicle' and wv511.name !~ 'Dead Animal' and wv511.name !~ 'Debris in Roadway' and wv511.name !~ 'Congestion-Delay' and
wv511.name !~ 'Pot hole' and wv511.name !~ 'Debris On Bridge' and wv511.name !~ 'Attenuator' and wv511.name !~ 'Pedestrian' and
wv511.name !~ 'Bridge Closed' and wv511.name !~ 'Truck on escape' and wv511.name !~ 'Bridge Incident' and wv511.name !~ 'Escape Ramp' AND
wv511.name !~ 'Signal'
wv511.name !~ 'Signal'
UNION ALL
-- KY511 Query
@@ -761,13 +731,10 @@ if (isset($_GET['getCombinedTable'])) {
// Add more table names here as needed in the future.
if (isset($_GET['updater'])) {
$allowedTables = ['wv511', 'ky511.ky511', 'ohgo'];
if (isset($_GET['lsr']) && isset($_GET['id']) && isset($_GET['table'])) {
// --- Handle LSR Update ---
$requestedTable = $_GET['table'];
$lsrInput = $_GET['lsr'];
@@ -784,9 +751,7 @@ if (isset($_GET['lsr']) && isset($_GET['id']) && isset($_GET['table'])) {
$tableNameEscaped = $requestedTable;
// **** IMPORTANT: Ensure your ID column is actually TEXT/VARCHAR if you're not casting to int ****
// If 'id' is numeric, you MUST validate/cast it like in the 'hide' block.
// Assuming 'id' is text for now based on your original code for LSR:
// Note: {$tableNameEscaped} is VALID complex syntax. The issue was with ${var}
$query = "UPDATE {$tableNameEscaped} SET lsr = $1 WHERE id = $2";
$result = pg_query_params($dbconn, $query, array($lsrflag, $id));
@@ -818,7 +783,6 @@ if (isset($_GET['lsr']) && isset($_GET['id']) && isset($_GET['table'])) {
$tableNameEscaped = $requestedTable;
// Assuming 'id' is numeric based on your validation here
$query = "UPDATE {$tableNameEscaped} SET hide = $1 WHERE id = $2";
$result = pg_query_params($dbconn, $query, array($hideflag, $id));
@@ -857,17 +821,5 @@ if (isset($_GET['lsr']) && isset($_GET['id']) && isset($_GET['table'])) {
}
pg_close($dbconn);
?>
?>