<?php
defined($security_key) or exit;

//------------------------------------------
// invoice
//------------------------------------------

//Connect to DB
$pdo = dbConnect($dbname);

//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}

//default whereclause
list($whereclause,$condition) = getWhereclauselvl2("invoice",$permission,$partner,'get');

//NEW ARRAY
$criterias = [];   
$clause = '';

//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){    
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);     
    //Check for keys and values
    foreach ($requests as $y){
        $v = explode("=", $y);
        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1]; 
    
        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){
        //do nothing
        }  
        else {//create clause
            $clause .= ' AND inv.'.$v[0].' = :'.$v[0];
        }
    }
    if ($whereclause == '' && $clause !=''){
        $whereclause = 'WHERE '.substr($clause, 4);
    } else {
        $whereclause .= $clause;
    }
} 

//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
    $sql = 'SELECT count(*) as count FROM invoice inv '.$whereclause.'';
} 
elseif (isset($criterias['list']) && $criterias['list'] =='invoice'){
    //SQL for Paging 
    $sql = 'SELECT tx.*, txi.item_id as item_id,txi.item_price as item_price, txi.item_quantity as item_quantity, txi.item_options as item_options, p.productcode, p.productname, inv.id as invoice, inv.created as invoice_created, i.language as user_language 
            FROM transactions tx 
            left join invoice inv ON tx.txn_id = inv.txn_id
            left join transactions_items txi ON tx.id = txi.txn_id
            left join products p ON p.rowID = txi.item_id 
            left join identity i ON i.userkey = tx.account_id '.$whereclause;
}
else {
    //SQL for Paging 
    $sql = 'SELECT * FROM invoice inv '.$whereclause.' LIMIT :page,:num_products';
}
$stmt = $pdo->prepare($sql);

//Bind to query
if (str_contains($whereclause, ':condition')){
    $stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}

if (!empty($criterias)){
    foreach ($criterias as $key => $value){
        $key_condition = ':'.$key;
        if (str_contains($whereclause, $key_condition)){
            if ($key == 'search'){
                $search_value = '%'.$value.'%';
                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
            } 
            else {
                $stmt->bindValue($key, $value, PDO::PARAM_STR);
            }
        }
    }
}

//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
    $stmt->execute();
    $messages = $stmt->fetch();
    $messages = $messages[0];
} 
elseif (isset($criterias['list']) && $criterias['list']=='invoice'){
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
    $messages = transformOrderData($messages);
} 
else {
    $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
    $stmt->bindValue('page', ($current_page - 1) * $page_rows_invoice, PDO::PARAM_INT);
    $stmt->bindValue('num_products', $page_rows_invoice, PDO::PARAM_INT);

    //Excute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}

//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);

//Send results
echo $messages;

?>