soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';} //default whereclause $whereclause = ''; //NEW ARRAY $criterias = []; $clause = ''; //Check for $_GET variables and build up clause if(isset($get_content) && $get_content!=''){ //GET VARIABLES FROM URL $requests = explode("&", $get_content); //Check for keys and values foreach ($requests as $y){ $v = explode("=", $y); //INCLUDE VARIABLES IN ARRAY $criterias[$v[0]] = $v[1]; if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){ //do nothing } else {//create clause $clause .= ' AND '.$v[0].' = :'.$v[0]; } } if ($whereclause == '' && $clause !=''){ $whereclause = 'WHERE '.substr($clause, 4); } else { $whereclause .= $clause; } } //ENSURE PRODUCTROWID IS SEND if (isset($criterias['product_id']) && $criterias['product_id'] != ''){ //CHECK IF ALLOWED TO CRUD VERSIONS $sql = "SELECT * FROM products WHERE rowID = ? '.$whereclause.'"; $stmt = $pdo->prepare($sql); $stmt->execute([$criterias['product_id']]); $product_data = $stmt->fetch(); $product_owner = ($product_data['rowID'])? 1 : 0; //IF PRODUCT IS OWNED THEN CRUD is ALLOWED if ($product_owner === 1 ){ //Define Query if(isset($criterias['totals']) && $criterias['totals'] ==''){ //Request for total rows $sql = 'SELECT count(*) as count FROM products_media '.$whereclause.''; } elseif (isset($criterias['list']) && $criterias['list'] =='') { //SQL for Paging $sql = 'SELECT * FROM products_media '.$whereclause.''; } else { //SQL for Paging $sql = 'SELECT p_m.*, m.full_path FROM products_media p_m LEFT JOIN media m ON p_m.media_id = m.rowID '.$whereclause.''; } $stmt = $pdo->prepare($sql); //Bind to query if (str_contains($whereclause, ':condition')){ $stmt->bindValue('condition', $condition, PDO::PARAM_STR); } if (!empty($criterias)){ foreach ($criterias as $key => $value){ $key_condition = ':'.$key; if (str_contains($whereclause, $key_condition)){ if ($key == 'search'){ $search_value = '%'.$value.'%'; $stmt->bindValue($key, $search_value, PDO::PARAM_STR); } else { $stmt->bindValue($key, $value, PDO::PARAM_STR); } } } } //Add paging details if(isset($criterias['totals']) && $criterias['totals']==''){ $stmt->execute(); $messages = $stmt->fetch(); $messages = $messages[0]; } elseif(isset($criterias['list']) && $criterias['list']==''){ //Excute Query $stmt->execute(); //Get results $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); } else { //$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1; //$stmt->bindValue('page', ($current_page - 1) * $page_rows_products, PDO::PARAM_INT); //$stmt->bindValue('num_products', $page_rows_products, PDO::PARAM_INT); //Excute Query $stmt->execute(); //Get results $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); } //------------------------------------------ //JSON_ENCODE //------------------------------------------ $messages = json_encode($messages, JSON_UNESCAPED_UNICODE); //Send results echo $messages; } } ?>