soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';} //------------------------------------------ //default whereclause //------------------------------------------ $whereclause = ''; switch ($permission) { case '4': $whereclause = ''; break; case '3': $whereclause = ''; break; case '2': $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search; $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"'; break; default: $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%'; $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"'; break; } //------------------------------------------ //NEW ARRAY //------------------------------------------ $criterias = []; $clause = ''; //------------------------------------------ //Check for $_GET variables and build up clause //------------------------------------------ if(isset($get_content) && $get_content!=''){ //GET VARIABLES FROM URL $requests = explode("&", $get_content); //Check for keys and values foreach ($requests as $y){ $v = explode("=", $y); //INCLUDE VARIABLES IN ARRAY $criterias[$v[0]] = $v[1]; if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='history' || $v[0] =='target' || $v[0] =='success_msg'){ //do nothing } else {//create clause $clause .= ' AND '.$v[0].' = :'.$v[0]; } } if ($whereclause == '' && $clause !=''){ $whereclause = 'WHERE '.substr($clause, 4); } else { $whereclause .= $clause; } } //------------------------------------------ // QUERY define query //------------------------------------------ switch ($action) { case 'get_rowID': $sql = 'SELECT e.rowID from equipment e '.$whereclause.''; break; case 'firmwareCommunication': if (isset($criterias['hw_version']) && $criterias['hw_version'] != ''){ include './settings/systemfirmware.php'; $target = $criterias['target'] ?? '0'; //FILTER VARIABLES FOR SQL $filter1 = 'soldto":"'; $filter2 = '","shipto'; $filter3 = 'shipto":"'; $filter4 = '","location'; //ADD additional createria to whereclause (Firmware and Active) $whereclause .= " AND c.type_1='1' AND c.status='1' AND e.status != 5 AND (e.sw_version != '$FirmwarenameR06' OR e.sw_version != '$FirmwarenameR06A' OR e.sw_version != '$FirmwarenameR07A' OR e.sw_version != '$FirmwarenameR07B' OR e.sw_version != '$FirmwarenameR07' OR e.sw_version != '$FirmwarenameR08')"; //get target switch ($target) { case '0': // Both $onclause ="SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter1', -1),'$filter2',1) = c.partnerID or SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter3', -1),'$filter4',1) = c.partnerID"; break; case '1': // SoldTO only $onclause ="SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter1', -1),'$filter2',1) = c.partnerID"; break; case '2': // ShipTO only $onclause =" SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter3', -1),'$filter4',1) = c.partnerID"; break; } $sql = "SELECT e.sw_version, c.email from equipment e join communication c on $onclause $whereclause group by c.email"; } else { http_response_code(400); } break; case 'serviceforecast': $sql = 'SELECT YEAR(e.service_date) AS year, QUARTER(e.service_date) AS quarter, count(e.rowID) AS count FROM equipment e '.$whereclause.' GROUP BY YEAR(e.service_date), QUARTER(e.service_date)'; break; case 'warrantyforecast': $sql = 'SELECT YEAR(e.warranty_date) AS year, QUARTER(e.warranty_date) AS quarter, count(e.rowID) AS count FROM equipment e '.$whereclause.' GROUP BY YEAR(e.warranty_date), QUARTER(e.warranty_date)'; break; default: # code... break; } $stmt = $pdo->prepare($sql); //------------------------------------------ // BIND VARIABELS //------------------------------------------ if (!empty($criterias)){ foreach ($criterias as $key => $value){ $key_condition = ':'.$key; if (str_contains($whereclause, $key_condition)){ $stmt->bindValue($key, $value, PDO::PARAM_STR); } } } //------------------------------------------ //Excute Query //------------------------------------------ $stmt->execute(); //------------------------------------------ //Get results //------------------------------------------ switch ($action) { case 'get_rowID': $messages = $stmt->fetch(); break; case 'firmwareCommunication': $result = $stmt->fetchAll(PDO::FETCH_ASSOC); if ($result) { $messages = json_encode(array("firmware_scope"=> count($result))); } else { $messages = json_encode(array("firmware_scope"=> '0')); } break; case 'serviceforecast': $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); break; case 'warrantyforecast': $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); break; } //------------------------------------------ //Encrypt results //------------------------------------------ $messages = generate_payload($messages); //------------------------------------------ //Send results //------------------------------------------ echo $messages; //------------------------------------------ // END APPLICATION API //------------------------------------------ } else { echo null; }