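soldto) || $partner->soldto == '') {
    $soldto_search = '%';
} else {
    $soldto_search = '-%';
}

//------------------------------------------
// Hierarchy scoping
// Limits the rows to the caller's branch of the account hierarchy. The LIKE
// pattern is bound as :condition; level '0' adds no restriction at all.
// NOTE(review): $type1..$type16 are defined outside this excerpt and are
// concatenated into the SQL text - presumably server-side constants; confirm
// they can never carry request data.
//------------------------------------------
//default whereclause
$whereclause = '';
$hierarchy_level = getHierarchyLevel($partner);

switch ($hierarchy_level) {
    case '0':
        $whereclause = '';
        break;
    case '1':
        $condition = '__salesid___'.$partner->salesid.'___soldto___%';
        $whereclause = 'WHERE e.accounthierarchy like :condition ';
        break;
    case '2':
        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
        $whereclause = 'WHERE e.accounthierarchy like :condition AND (type = "'.$type1.'" or type = "'.$type2.'" or type = "'.$type3.'" or type = "'.$type9.'" or type = "'.$type14.'" or type = "'.$type16.'")';
        break;
    case '3':
        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.$soldto_search;
        $whereclause = 'WHERE e.accounthierarchy like :condition AND (type = "'.$type1.'" or type = "'.$type2.'" or type = "'.$type3.'" or type = "'.$type14.'" or type = "'.$type16.'")';
        break;
    case '4':
        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
        $whereclause = 'WHERE e.accounthierarchy like :condition AND (type = "'.$type1.'" or type = "'.$type2.'" or type = "'.$type3.'" or type = "'.$type14.'" or type = "'.$type16.'")';
        break;
}

// True when $sql contains the named placeholder :$name as a whole token.
// A plain substring test also matches longer names (":history" inside
// ":historyid", ":p" inside any ":p..." placeholder), which would bind a
// parameter the statement does not declare and make execute() fail.
$has_placeholder = function ($sql, $name) {
    return preg_match('/:'.preg_quote((string)$name, '/').'(?![A-Za-z0-9_])/', $sql) === 1;
};

//NEW ARRAY
$criterias = [];
$clause = '';
$type_check = false;

//Check for $_GET variables and build up clause
if (isset($get_content) && $get_content != '') {
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);

    //Check for keys and values
    foreach ($requests as $y) {
        $v = explode("=", $y);

        // A pair without "=" has no value part; use an empty string instead
        // of reading an undefined index.
        if (!isset($v[1])) {
            $v[1] = '';
        }

        // The parameter NAME is written into the SQL text: as a placeholder
        // name in every branch and as a bare column name in the generic
        // branch below. Values are bound, names are not, so only plain
        // identifiers are accepted; anything else is dropped.
        // NOTE(review): an explicit allowlist of filterable columns would be
        // stricter than this pattern - the column list is not visible here.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $v[0])) {
            continue;
        }
        // "condition" is the placeholder that carries the hierarchy scope;
        // a request parameter must never be able to rebind it.
        if ($v[0] === 'condition') {
            continue;
        }

        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1];

        if ($v[0] == 'page' || $v[0] == 'p' || $v[0] == 'totals' || $v[0] == 'history') {
            //do nothing - paging/mode switches, not filters
        } elseif ($v[0] == 'equipmentid' || $v[0] == 'equipmentID') {
            //build up search
            $clause .= ' AND e.rowID = :'.$v[0];
        } elseif ($v[0] == 'historyid') {
            //build up search
            $clause .= ' AND h.rowID = :'.$v[0];
        } elseif ($v[0] == 'status') {
            //Update status based on status
            $clause .= ' AND e.'.$v[0].' = :'.$v[0];
        } elseif ($v[0] == 'search') {
            //build up search
            // NOTE(review): the same named placeholder appears twice; PDO only
            // accepts that while prepares are emulated - confirm the driver setting.
            $clause .= ' AND (h.rowID like :'.$v[0].' OR h.createdby like :'.$v[0].')';
        } elseif ($v[0] == 'serialnumber') {
            //build up serialnumber
            //check if multiple serialnumbers are provided
            if (str_contains($v[1], ',')) {
                $inputs = explode(",", $v[1]);
                $new_querystring = ''; //empty querystring
                $x = 0;
                foreach ($inputs as $input) {
                    //create key
                    $new_key = $v[0].'_'.$x;
                    //inject new key/value to array
                    $criterias[$new_key] = $input;
                    $new_querystring .= ':'.$new_key.',';
                    $x++;
                }
                //remove obsolete last character from new_querystring
                $new_querystring = substr($new_querystring, 0, -1);
                //add new_querystring to clause
                $clause .= ' AND e.serialnumber IN ('.$new_querystring.')';
                //remove original key/value from array
                unset($criterias[$v[0]]);
            } else {
                $clause .= ' AND e.serialnumber IN (:'.$v[0].')';
            }
        } elseif ($v[0] == 'type') {
            if ($v[1] == 'servicereport') {
                //Filter out only relevant servicereports
                $filter_key_1 = '"%serialnumber%"';
                $filter_key_2 = '"ServiceReport"';
                $clause .= ' AND h.type = '.$filter_key_2.' AND NOT e.productrowid = "31" AND h.description like '.$filter_key_1;
                //remove from criterias to prevent double binding
                unset($criterias[$v[0]]);
            } elseif (str_contains($v[1], ',')) {
                //check if multiple types are provided
                $inputs = explode(",", $v[1]);
                $new_querystring = ''; //empty querystring
                $x = 0;
                foreach ($inputs as $input) {
                    //create key
                    $new_key = $v[0].'_'.$x;
                    //inject new key/value to array
                    $criterias[$new_key] = $input;
                    $new_querystring .= ':'.$new_key.',';
                    $x++;
                }
                //remove obsolete last character from new_querystring
                $new_querystring = substr($new_querystring, 0, -1);
                //add new_querystring to clause
                $clause .= ' AND h.type IN ('.$new_querystring.')';
                //remove original key/value from array
                $type_check = true;
                unset($criterias[$v[0]]);
            } else {
                $clause .= ' AND h.type = :'.$v[0];
            }
        } elseif ($v[0] == 'created') {
            //build up search
            $clause .= ' AND h.created > :'.$v[0];
        } else {
            //create clause - $v[0] was validated as a plain identifier above
            $clause .= ' AND '.$v[0].' = :'.$v[0];
        }
    }

    // $clause always starts with " AND"; strip it when it opens the WHERE.
    if ($whereclause == '' && $clause != '') {
        $whereclause = 'WHERE '.substr($clause, 4);
    } else {
        $whereclause .= $clause;
    }
}

if (isset($criterias['totals']) && $criterias['totals'] == '') {
    //Request for total rows
    $sql = 'SELECT count(h.rowID) as historyID FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.'';
} elseif ($type_check) {
    // NOTE(review): no LIMIT on this path, so a multi-type request returns
    // every matching row - confirm that is intended.
    $sql = 'SELECT h.rowID as historyID, e.rowID as equipmentID, e.serialnumber, h.type, h.description, h.created, h.createdby FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.' ORDER BY h.created DESC';
} else {
    //request history
    $sql = 'SELECT h.rowID as historyID, e.rowID as equipmentID, e.serialnumber, h.type, h.description, h.created, h.createdby FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.' ORDER BY h.created DESC LIMIT :page,:num_products';
}

$stmt = $pdo->prepare($sql);

//Bind to query
// $status is defined outside this excerpt; a "status" request parameter is
// bound again in the loop below and replaces this value.
if ($has_placeholder($whereclause, 'status')) {
    $stmt->bindValue('status', $status, PDO::PARAM_INT);
}
if ($has_placeholder($whereclause, 'condition')) {
    $stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}

if (!empty($criterias)) {
    foreach ($criterias as $key => $value) {
        // Only bind names the WHERE clause actually declares.
        if ($has_placeholder($whereclause, $key)) {
            if ($key == 'search') {
                $search_value = '%'.$value.'%';
                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
            } else {
                $stmt->bindValue($key, $value, PDO::PARAM_STR);
            }
        }
    }
}

//Add paging details
if (isset($criterias['totals']) && $criterias['totals'] == '') {
    $stmt->execute();
    $messages = $stmt->fetch();
    $messages = $messages[0];
} elseif ($type_check) {
    //Execute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
    $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
    // A page below 1 would produce a negative LIMIT offset.
    $current_page = max(1, $current_page);
    $stmt->bindValue('page', ($current_page - 1) * $page_rows_history, PDO::PARAM_INT);
    $stmt->bindValue('num_products', $page_rows_history, PDO::PARAM_INT);
    //Execute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Clean up nested JSON in description fields before final encoding
// (skipped for a totals request, where $messages is a single count).
if (!isset($criterias['totals']) || $criterias['totals'] != '') {
    foreach ($messages as &$message) {
        if (isset($message['description']) && is_string($message['description'])) {
            $decoded = json_decode($message['description'], true);
            if (json_last_error() === JSON_ERROR_NONE) {
                $message['description'] = json_encode($decoded, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
            }
        }
    }
    // Break the reference so a later write to $message cannot alter the last row.
    unset($message);
}

//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);

//Send results
echo $messages;
?>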