CMXX - Improved whereclause

api/v1/get/accounts.php

@@ -12,20 +12,8 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/application.php

@@ -29,24 +29,8 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //------------------------------------------
 //default whereclause
 //------------------------------------------
-$whereclause = '';
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //------------------------------------------
 //NEW ARRAY

api/v1/get/cartests.php

@@ -12,24 +12,8 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-} 
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/communications.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE salesID like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclauselvl2('communications',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/equipment_data.php

@@ -15,24 +15,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('equipment',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-} 
 //------------------------------------------
 //NEW ARRAY
 //------------------------------------------

api/v1/get/equipments.php

@@ -16,24 +16,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('equipment',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-} 
 //------------------------------------------
 //NEW ARRAY
 //------------------------------------------

api/v1/get/partners.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE salesID like :condition';
-        break;
-} 
+list($whereclause,$condition) = getWhereclauselvl2('partners',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/products.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/products_software.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/products_versions.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v1/get/profile.php

@@ -12,24 +12,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('profile',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE partnerhierarchy  like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE partnerhierarchy  like :condition ';
-        break;
-} 
 //NEW ARRAY
 $criterias = [];   
 $clause = '';

api/v1/get/users.php

@@ -12,24 +12,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('profile',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE partnerhierarchy  like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE partnerhierarchy  like :condition ';
-        break;
-} 
 //NEW ARRAY
 $criterias = [];   
 $clause = '';

api/v1/post/accounts.php

@@ -13,21 +13,9 @@ $post_content = json_decode(decode_payload($input),true);
 //SoldTo is empty
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
-//default whereclause to check if data is owned buy user
-$whereclause = '';
+//default whereclause
+list($whereclause,$condition) = getWhereclause('equipment',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v1/post/communications.php

@@ -14,20 +14,8 @@ $post_content = json_decode(decode_payload($input),true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v1/post/contracts.php

@@ -16,22 +16,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v1/post/equipments.php

@@ -16,22 +16,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v1/post/partners.php

@@ -14,20 +14,7 @@ $post_content = json_decode(decode_payload($input),true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause to check if data is owned by user
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND salesID like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2('partners',$permission,$partner);
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['partnerID'] ?? ''; //check for rowID

api/v1/post/products.php

@@ -14,20 +14,8 @@ $post_content = json_decode(decode_payload($input),true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v1/post/products_software.php

@@ -14,20 +14,8 @@ $post_content = json_decode(decode_payload($input),true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //ENSURE PRODUCTROWID IS SEND
 if (isset($post_content['productrowid']) && $post_content['productrowid'] != ''){

api/v1/post/products_versions.php

@@ -14,20 +14,8 @@ $post_content = json_decode(decode_payload($input),true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //ENSURE PRODUCTROWID IS SEND
 if (isset($post_content['productrowid']) && $post_content['productrowid'] != ''){

api/v1/post/users.php

@@ -15,24 +15,8 @@ $owner_user = 0;
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause to check if data is owned by user
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('profile',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND partnerhierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = ' AND partnerhierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = (isset($post_content['id'])) ? $post_content['id']: ''; //check for rowID

api/v2/get/accounts.php

@@ -12,20 +12,8 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/cartests.php

@@ -12,24 +12,8 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-} 
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/categories.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/discounts.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE d.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2("discounts",$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/equipment_data.php

@@ -15,24 +15,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('equipment',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-} 
 //------------------------------------------
 //NEW ARRAY
 //------------------------------------------

api/v2/get/equipment_healthindex.php

@@ -15,24 +15,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('equipment',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-} 
 //------------------------------------------
 //NEW ARRAY
 //------------------------------------------

api/v2/get/equipments.php

@@ -15,24 +15,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE e.accounthierarchy like :condition ';
-        break;
-} 
 //------------------------------------------
 //NEW ARRAY
 //------------------------------------------

api/v2/get/invoice.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE inv.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2("invoice",$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   
@@ -62,7 +49,8 @@ if(isset($criterias['totals']) && $criterias['totals'] ==''){
 } 
 elseif (isset($criterias['list']) && $criterias['list'] =='invoice'){
     //SQL for Paging 
-    $sql = 'SELECT tx.*, txi.*, p.productname, inv.id as invoice, inv.created as invoice_created FROM transactions tx 
+    $sql = 'SELECT tx.*, txi.item_id as item_id,txi.item_price as item_price, txi.item_quantity as item_quantity, txi.item_options as item_options, p.productcode, p.productname, inv.id as invoice, inv.created as invoice_created 
+            FROM transactions tx 
             left join invoice inv ON tx.id = inv.txn_id
             left join transactions_items txi ON tx.id = txi.txn_id
             left join products p ON p.rowID = txi.item_id '.$whereclause;

api/v2/get/media.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/pricelists.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE pls.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('pricelist',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/pricelists_items.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products_attributes.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products_attributes_items.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE pat.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2("attributes",$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products_categories.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products_configurations.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE pc.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2("config",$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products_software.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE p.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2("software",$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/products_versions.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/rma.php

@@ -11,24 +11,8 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-} 
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/rma_history.php

@@ -11,24 +11,8 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE accounthierarchy like :condition ';
-        break;
-} 
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/shipping.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/taxes.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/transactions.php

@@ -12,20 +12,7 @@ $pdo = dbConnect($dbname);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE tx.accounthierarchy like "'.$condition.'"';
-        break;
-} 
+$whereclause = getWhereclauselvl2("transactions",$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   
@@ -62,8 +49,16 @@ if(isset($get_content) && $get_content!=''){
 //Define Query
 if(isset($criterias['totals']) && $criterias['totals'] ==''){
 //Request for total rows
-    $sql = 'SELECT count(*) as count FROM transactions '.$whereclause.'';
+    $sql = 'SELECT count(*) as count FROM transactions tx '.$whereclause.'';
 } 
+elseif (isset($criterias['list']) && $criterias['list'] =='order'){
+    //SQL for Paging 
+    $sql = 'SELECT tx.*, txi.item_id as item_id,txi.item_price as item_price, txi.item_quantity as item_quantity, txi.item_options as item_options, p.productcode, p.productname, inv.id as invoice, inv.created as invoice_created 
+            FROM transactions tx 
+            left join invoice inv ON tx.id = inv.txn_id
+            left join transactions_items txi ON tx.id = txi.txn_id
+            left join products p ON p.rowID = txi.item_id '.$whereclause;
+}
 else {
     //SQL for Paging 
     $sql = 'SELECT * FROM transactions tx '.$whereclause.' LIMIT :page,:num_products';
@@ -95,6 +90,12 @@ if(isset($criterias['totals']) && $criterias['totals']==''){
     $stmt->execute();
     $messages = $stmt->fetch();
     $messages = $messages[0];
+}
+elseif (isset($criterias['list']) && $criterias['list']=='order'){
+    $stmt->execute();
+    //Get results
+    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+    $messages = transformOrderData($messages);
 } 
 else {
     $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;

api/v2/get/transactions_items.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/translations.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/translations_details.php

@@ -14,18 +14,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //NEW ARRAY
 $criterias = [];   

api/v2/get/users.php

@@ -12,24 +12,8 @@ $partner = json_decode($partnerhierarchy);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('profile',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = 'WHERE partnerhierarchy  like :condition ';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = 'WHERE partnerhierarchy  like :condition ';
-        break;
-} 
 //NEW ARRAY
 $criterias = [];   
 $clause = '';

api/v2/post/accounts.php

@@ -13,21 +13,8 @@ $post_content = json_decode($input,true);
 //SoldTo is empty
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
-//default whereclause to check if data is owned buy user
-$whereclause = '';
-
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
+//default whereclause
+list($whereclause,$condition) = getWhereclause('equipment',$permission,$partner);
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/categories.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+$whereclause = getWhereclauselvl2("categories",$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND c.accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //BUILD UP PARTNERHIERARCHY FROM USER
 $partner_product = json_encode(array("salesid"=>$partner->salesid,"soldto"=>$partner->soldto), JSON_UNESCAPED_UNICODE);

api/v2/post/contracts.php

@@ -16,22 +16,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/discounts.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //BUILD UP PARTNERHIERARCHY FROM USER
 $partner_product = json_encode(array("salesid"=>$partner->salesid,"soldto"=>$partner->soldto), JSON_UNESCAPED_UNICODE);

api/v2/post/equipments.php

@@ -16,22 +16,7 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
 //default whereclause
 $whereclause = '';
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/invoice.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['id'] ?? ''; //check for rowID

api/v2/post/media.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/placeorder.php

@@ -110,6 +110,11 @@ if (isset($post_content['cart']) && isset($post_content['checkout_input']) && is
         $stmt->execute([$transaction_id, $product['id'], $product['options_price'], $product['quantity'], $options]);
     }
 
+    //CHECK IF GIFTCARD IS USED AND THEN DISABLE IT
+    if ($checkout_input['discount_code'] !=''){
+        useGiftCart($pdo,$checkout_input['discount_code'],$partner_product);
+    }
+
     //Return to checkout page
     $messages = [
         "id" => $transaction_id,

api/v2/post/pricelists.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/pricelists_items.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/products.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/products_attributes.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/products_attributes_items.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/products_categories.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 //CHECK IF PRODUCT ID IS SEND
 if (isset($post_content['product_id']) && $post_content['product_id'] != ''){
 

api/v2/post/products_configurations.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //ENSURE PRODUCTROWID IS SEND
 if (isset($post_content['productrowid']) && $post_content['productrowid'] != ''){

api/v2/post/products_software.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //ENSURE PRODUCTROWID IS SEND
 if (isset($post_content['productrowid']) && $post_content['productrowid'] != ''){

api/v2/post/products_versions.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //ENSURE PRODUCTROWID IS SEND
 if (isset($post_content['productrowid']) && $post_content['productrowid'] != ''){

api/v2/post/shipping.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //BUILD UP PARTNERHIERARCHY FROM USER
 $partner_product = json_encode(array("salesid"=>$partner->salesid,"soldto"=>$partner->soldto), JSON_UNESCAPED_UNICODE);

api/v2/post/transactions.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //WEBSHOP UPDATE CAN SEND TXN_ID ONLY
 if (isset($post_content['txn_id']) && $post_content['txn_id'] != '' && !isset($post_content['id'])){
@@ -65,6 +53,20 @@ $partner_product = json_encode(array("salesid"=>$partner->salesid,"soldto"=>$par
 //ADD STANDARD PARAMETERS TO ARRAY BASED ON INSERT OR UPDATE
 if ($command == 'update'){
 
+    //CHECK IF PAYMENT STATUS is PAID (1)
+    if(isset($post_content['payment_status']) && $post_content['payment_status'] == 1){
+
+        //check if GIFTCARD ID IS PROVIDED AND NOT EMPTY
+        if(isset($post_content['giftcard_categoryID']) && $post_content['giftcard_categoryID'] != ''){
+
+            //CHECK FOR GIFTCARDS IN ORDER AND CREATE WHEN AVAILABLE AND NOT CREATED YET
+            createGiftCart($pdo, $post_content['id'], $post_content['giftcard_categoryID'],$partner_product);
+
+            //remove giftcard_categoryID from $post_content array
+            unset($post_content['giftcard_categoryID']);
+        }
+    }
+
 }
 elseif ($command == 'insert'){
     $post_content['accounthierarchy'] = $partner_product;

api/v2/post/translations.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/translations_details.php

@@ -14,20 +14,8 @@ $post_content = json_decode($input,true);
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
 //default whereclause
-$whereclause = '';
+list($whereclause,$condition) = getWhereclause('',$permission,$partner);
 
-switch ($permission) {    
-    case '4':
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;  
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND accounthierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = $post_content['rowID'] ?? ''; //check for rowID

api/v2/post/users.php

@@ -14,25 +14,9 @@ $owner_user = 0;
 //SoldTo is empty
 if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
 
-//default whereclause to check if data is owned by user
-$whereclause = '';
+//default whereclause
+list($whereclause,$condition) = getWhereclause('profile',$permission,$partner);
 
-switch ($permission) {    
-    case '4': 
-        $whereclause = '';
-        break;
-    case '3':
-        $whereclause = '';
-        break;
-    case '2':
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
-        $whereclause = ' AND partnerhierarchy like "'.$condition.'"';
-        break;
-    default:
-        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
-        $whereclause = ' AND partnerhierarchy like "'.$condition.'"';
-        break;
-} 
 
 //SET PARAMETERS FOR QUERY
 $id = (isset($post_content['id'])) ? $post_content['id']: ''; //check for rowID