Initial commit

2024-03-15 12:43:10 +01:00
commit 670b00eeab
424 changed files with 216891 additions and 0 deletions
--- a/api/v1/get/equipments.php
+++ b/api/v1/get/equipments.php
@@ -0,0 +1,196 @@
+<?php
+defined($security_key) or exit;
+
+//------------------------------------------
+// Equipments
+//------------------------------------------
+
+//Connect to DB
+$pdo = dbConnect($dbname);
+
+//Get user_rights from users.php
+$partner = json_decode($partnerhierarchy);  
+
+
+//SoldTo is empty
+if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
+
+//default whereclause
+$whereclause = '';
+
+switch ($permission) {    
+    case '4': 
+        $whereclause = '';
+        break;
+    case '3':
+        $whereclause = '';
+        break;
+    case '2':
+        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
+        $whereclause = 'WHERE e.accounthierarchy like :condition ';
+        break;
+    default:
+        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
+        $whereclause = 'WHERE e.accounthierarchy like :condition ';
+        break;
+} 
+//------------------------------------------
+//NEW ARRAY
+//------------------------------------------
+$criterias = [];   
+$clause = '';
+
+//------------------------------------------
+//Check for $_GET variables and build up clause
+//------------------------------------------
+if(isset($get_content) && $get_content!=''){    
+    //GET VARIABLES FROM URL
+    $requests = explode("&", $get_content);     
+    //Check for keys and values
+    foreach ($requests as $y){
+        $v = explode("=", $y);
+        //INCLUDE VARIABLES IN ARRAY
+        $criterias[$v[0]] = $v[1]; 
+        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='history' || $v[0] =='success_msg' || $v[0] =='download'){
+        //do nothing
+        } 
+        elseif ($v[0] == 'equipmentid') {
+        //build up search
+        $clause .= ' AND e.rowID = :'.$v[0]; 
+        }
+        elseif ($v[0] == 'servicedate') {
+        //build up service coverage
+        $clause .= ' AND e.service_date <= :'.$v[0]; 
+        }
+        elseif ($v[0] == 'warrantydate') {
+        //build up warranty coverage
+        $clause .= ' AND e.warranty_date >= :'.$v[0]; 
+        }
+        elseif ($v[0] == 'historyid') {
+        //build up history ID
+        $clause .= ' AND h.rowID = :'.$v[0]; 
+        }
+        elseif ($v[0] == 'type') {
+            //build up history ID
+            $clause .= ' AND h.type = :'.$v[0]; 
+        }
+        elseif ($v[0] == 'h_equipmentid') {
+            //build up search
+            $clause .= ' AND h.equipmentid = :'.$v[0]; 
+        }
+        elseif ($v[0] == 'status') {
+        //Update status based on status
+        $clause .= ' AND e.'.$v[0].' = :'.$v[0];
+        $status = $v[1];
+        }
+        elseif ($v[0] == 'search') {
+        //build up search
+        $clause .= ' AND (serialnumber like :'.$v[0].' OR e.rowID like :'.$v[0].')'; 
+        }
+        elseif ($v[0] == 'partnerid') {
+        //build up accounthierarchy
+        $clause .= ' AND e.accounthierarchy like :'.$v[0]; 
+        }
+        elseif ($v[0] == 'firmware') {
+            //Include systemfirwmare
+            include './settings/systemfirmware.php';
+            //build up search
+            $clause .= ' AND e.status != 5 AND e.sw_version not like "'.substr($FirmwarenameR06, 0, -4).'%"';
+        }
+        else {//create clause
+        $clause .= ' AND '.$v[0].' = :'.$v[0];
+        }
+    }
+    if ($whereclause == '' && $clause !=''){
+        $whereclause = 'WHERE '.substr($clause, 4);
+    } else {
+        $whereclause .= $clause;
+    }
+} 
+if (isset($criterias['download']) && $criterias['download'] ==''){
+//Request for download
+$sql = 'SELECT e.rowID as equipmentID, e.productrowid, e.serialnumber, e.status, e.created, e.hw_version, e.sw_version, e.accounthierarchy, e.service_date, e.warranty_date, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.'  ORDER BY equipmentID';
+}
+elseif (isset($criterias['totals']) && $criterias['totals'] =='' && !isset($criterias['type'])){
+//Request for total rows
+    $sql = 'SELECT count(*) as count from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.'';
+} 
+elseif (isset($criterias['totals']) && $criterias['totals'] =='' && isset($criterias['type'])){
+    //Request for total rows for history reports
+        $sql ='SELECT count(*) as count from history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.'';
+} 
+elseif (isset($criterias['history']) && $criterias['history'] ==''){
+    //request history
+    $sql ='SELECT h.rowID as historyID, e.rowID as equipmentID, h.equipmentid as h_equipmentid, e.serialnumber, h.type, h.description, h.created, h.createdby from history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.'';
+} 
+else {
+    //SQL for Paging 
+    $sql = 'SELECT e.rowID as equipmentID, e.productrowid, e.serialnumber, e.status, e.created, e.createdby, e.hw_version, e.sw_version, e.accounthierarchy, e.service_date, e.warranty_date, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY equipmentID LIMIT :page,:num_products';
+}
+
+$stmt = $pdo->prepare($sql);
+
+//------------------------------------------
+//Bind to query
+//------------------------------------------
+if (str_contains($whereclause, ':status')){
+    $stmt->bindValue('status', $status, PDO::PARAM_INT);
+}
+if (str_contains($whereclause, ':condition')){
+    $stmt->bindValue('condition', $condition, PDO::PARAM_STR);
+}
+
+if (!empty($criterias)){
+    foreach ($criterias as $key => $value){
+        $key_condition = ':'.$key;
+        if (str_contains($whereclause, $key_condition)){
+            if ($key == 'search'){
+                $search_value = '%'.$value.'%';
+                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
+            }
+            elseif ($key == 'partnerid'){
+                $search_value = '%"_"'.$value.'-%';
+                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
+            }
+            elseif ($key == 'p'){
+                //Do nothing (bug)
+            }
+            else {
+                $stmt->bindValue($key, $value, PDO::PARAM_STR);
+            }
+        }
+    }
+}
+//------------------------------------------
+//Add paging details
+//------------------------------------------
+if(isset($criterias['totals']) && $criterias['totals']==''){
+    $stmt->execute();
+    $messages = $stmt->fetch();
+    $messages = $messages[0];
+}
+elseif ((isset($criterias['history']) && $criterias['history'] =='') || (isset($criterias['download']) && $criterias['download'] =='')){
+     //Excute Query
+     $stmt->execute();
+     //Get results
+     $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+else {
+    $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
+    $stmt->bindValue('page', ($current_page - 1) * $page_rows_equipment, PDO::PARAM_INT);
+    $stmt->bindValue('num_products', $page_rows_equipment, PDO::PARAM_INT);
+    //Excute Query
+    $stmt->execute();
+    //Get results
+    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
+//------------------------------------------
+//Encrypt results
+//------------------------------------------
+$messages = generate_payload($messages);
+//------------------------------------------
+//Send results
+//------------------------------------------
+echo $messages; 
+
+?>