pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CIM69 - car database

Browse Source
This commit is contained in:
“VeLiTi”
2024-06-14 15:59:01 +02:00
parent c53535b50b
commit 3528be22b8
18 changed files with 1552 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
api/v1/get/cartests.php
View File

@@ -10,17 +10,9 @@ $pdo = dbConnect($dbname);
//NEW ARRAY
$criterias = [];
$whereclause = 'WHERE type="cartest"';
$whereclause = '';
$clause = '';
//FILTER FOR GROUPBY FILTERS on CAR
$filter1 = '"CarBrand": "';
$filter2 = '"CarType": "';
$filter3 = '"CarVIN": "';
$car_brand = 'SUBSTRING_INDEX(SUBSTRING_INDEX(description, "'.$filter1.'", -1),"'.$filter2.'",1)';
$car_type = 'SUBSTRING_INDEX(SUBSTRING_INDEX(description, "'.$filter2.'", -1),"'.$filter3.'",1)';
//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
@@ -31,12 +23,12 @@ if(isset($get_content) && $get_content!=''){
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list'|| $v[0] =='success_msg'){
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='download' || $v[0] =='list'|| $v[0] =='success_msg'){
//do nothing
}
elseif ($v[0] == 'search') {
//build up search
$clause .= ' AND '.$car_brand.' like :'.$v[0];
$clause .= ' AND (carbrand like :'.$v[0].' OR createdby like :'.$v[0].')';
}
else {//create clause
$clause .= ' AND '.$v[0].' = :'.$v[0];
@@ -51,15 +43,23 @@ if(isset($get_content) && $get_content!=''){
//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
$sql = 'SELECT count(*) as count FROM history '.$whereclause;
$sql = 'SELECT count(*) as count FROM cartest '.$whereclause;
}
elseif(isset($criterias['list']) && $criterias['list'] ==''){
elseif(isset($criterias['list']) && $criterias['list'] =='brand'){
//Request for total rows
$sql = 'SELECT distinct('.$car_brand.') FROM history '.$whereclause;
}
$sql = 'SELECT distinct(carbrand) FROM cartest '.$whereclause;
}
elseif(isset($criterias['list']) && $criterias['list'] =='type'){
//Request for total rows
$sql = 'SELECT distinct(cartype) FROM cartest '.$whereclause;
}
elseif(isset($criterias['download']) && $criterias['download'] ==''){
//Request for total rows
$sql = 'SELECT * FROM cartest '.$whereclause;
}
else {
//SQL for Paging
$sql = "SELECT *, SUBSTRING_INDEX(SUBSTRING_INDEX(description, '$filter1', -1),'$filter2',1) as carbrand from history $whereclause group by SUBSTRING_INDEX(SUBSTRING_INDEX(description, '$filter1', -1),'$filter2',1), SUBSTRING_INDEX(SUBSTRING_INDEX(description, '$filter2', -1),'$filter3',1) ORDER BY carbrand DESC LIMIT :page,:num_products";
$sql = "SELECT * from cartest $whereclause ORDER BY carbrand, cartype DESC LIMIT :page,:num_products";
}
$stmt = $pdo->prepare($sql);
@@ -84,13 +84,21 @@ if (!empty($criterias)){
}
}
//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
$message = $date.';'.$sql.';'.$username;
debuglog($message);
}
//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
$stmt->execute();
$messages = $stmt->fetch();
$messages = $messages[0];
}
elseif(isset($criterias['list']) && $criterias['list']==''){
elseif ((isset($criterias['list']) && $criterias['list']!='') || (isset($criterias['download']) && $criterias['download'] =='')){
//Excute Query
$stmt->execute();
//Get results

76
api/v1/post/cartests.php Normal file
View File

@@ -0,0 +1,76 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// CarTESTS
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//CONTENT FROM API (POST)
$post_content = json_decode(decode_payload($input),true);
//default whereclause
$whereclause = '';
//SET PARAMETERS FOR QUERY
$id = $post_content['rowID'] ?? ''; //check for rowID
$command = ($id == '')? 'insert' : 'update'; //IF rowID = empty then INSERT
if (isset($post_content['delete'])){$command = 'delete';} //change command to delete
$date = date('Y-m-d H:i:s');
//CREATE EMPTY STRINGS
$clause = '';
$clause_insert ='';
$input_insert = '';
//ADD STANDARD PARAMETERS TO ARRAY BASED ON INSERT OR UPDATE
if ($command == 'insert'){
$post_content['created'] = $date;
$post_content['createdby'] = $username;
}
//CREAT NEW ARRAY AND MAP TO CLAUSE
if(isset($post_content) && $post_content!=''){
foreach ($post_content as $key => $var){
if ($key == 'submit' || $key == 'delete' || $key == 'rowID'){
//do nothing
}
else {
$criterias[$key] = $var;
$clause .= ' , '.$key.' = ?';
$clause_insert .= ' , '.$key.'';
$input_insert .= ', ?'; // ? for each insert item
$execute_input[]= $var; // Build array for input
}
}
}
//CLEAN UP INPUT
$clause = substr($clause, 2); //Clean clause - remove first comma
$clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma
$input_insert = substr($input_insert, 1); //Clean clause - remove first comma
//QUERY AND VERIFY ALLOWED
if ($command == 'update' && isAllowed('cartest_manage',$profile,$permission,'U') === 1){
$sql = 'UPDATE cartest SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
$execute_input[] = $id;
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
}
elseif ($command == 'insert' && isAllowed('cartest_manage',$profile,$permission,'C') === 1){
$sql = 'INSERT INTO cartest ('.$clause_insert.') VALUES ('.$input_insert.')';
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
}
elseif ($command == 'delete' && isAllowed('cartest_manage',$profile,$permission,'D') === 1){
$stmt = $pdo->prepare('DELETE FROM cartest WHERE rowID = ? '.$whereclause.'');
$stmt->execute([ $id ]);
//Add deletion to changelog
changelog($dbname,'cartest',$id,'Delete','Delete',$username);
} else
{
//do nothing
}
?>