<?php
defined($security_key) or exit;

//------------------------------------------
// Application related calls
//------------------------------------------
$action = $request[3] ?? '';

//------------------------------------------
// Check for action & start application API
//------------------------------------------
if ($action !=''){

//------------------------------------------
//Connect to DB
//------------------------------------------
$pdo = dbConnect($dbname);

//------------------------------------------
//Get user_rights from users.php
//------------------------------------------
$partner = json_decode($partnerhierarchy);  

//------------------------------------------
//SoldTo is empty
//------------------------------------------
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}

//------------------------------------------
//default whereclause
//------------------------------------------
$whereclause = '';

switch ($permission) {    
    case '4': 
        $whereclause = '';
        break;
    case '3':
        $whereclause = '';
        break;
    case '2':
        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
        $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
        break;
    default:
        $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
        $whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
        break;
} 

//------------------------------------------
//NEW ARRAY
//------------------------------------------
$criterias = [];   
$clause = '';

//------------------------------------------
//Check for $_GET variables and build up clause
//------------------------------------------
if(isset($get_content) && $get_content!=''){    
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);     
    //Check for keys and values
    foreach ($requests as $y){
        $v = explode("=", $y);
        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1]; 
        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='history' || $v[0] =='target' || $v[0] =='success_msg'){
        //do nothing
        }
        elseif ($v[0] == 'serialnumber') {
            //build up serialnumber
            //check if multiple serialnumbers are provided
            if (str_contains($v[1], ',')){
                $inputs = explode(",",$v[1]);
                $new_querystring = ''; //empty querystring
                $x=0;
                foreach($inputs as $input){
                    //create key
                    $new_key = $v[0].'_'.$x;
                    //inject new key/value to array
                    $criterias[$new_key] = $input;
                    $new_querystring .= ':'.$new_key.','; 
                    $x++;
                }
                //remove obsolete last character from new_querystring
                $new_querystring = substr($new_querystring,0, -1);
                //add new_querystring to clause
                $clause .= ' AND e.serialnumber IN ('.$new_querystring.')'; 
                //remove original key/value from array
                unset($criterias[$v[0]]);
            } 
            else {
                $clause .= ' AND e.serialnumber IN (:'.$v[0].')'; 
            }
        }
        else {//create clause
        $clause .= ' AND '.$v[0].' = :'.$v[0];
        }
    }
    if ($whereclause == '' && $clause !=''){
        $whereclause = 'WHERE '.substr($clause, 4);
    } else {
        $whereclause .= $clause;
    }
} 

//------------------------------------------
// QUERY define query
//------------------------------------------
switch ($action) {
    case 'get_rowID':
        $sql = 'SELECT e.rowID, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID  '.$whereclause.'';
        break;
    

    case 'firmwareCommunication':
        if (isset($criterias['hw_version']) && $criterias['hw_version'] != ''){

            include './settings/systemfirmware.php';
        
            $target = $criterias['target'] ?? '0';
    
            //FILTER VARIABLES FOR SQL
            $filter1 = 'soldto":"';
            $filter2 = '","shipto';
            $filter3 = 'shipto":"';
            $filter4 = '","location';
    
            //ADD additional createria to whereclause (Firmware and Active)
            $whereclause .= " AND c.type_1='1' AND c.status='1' AND e.status != 5 AND (e.sw_version != '$FirmwarenameR06' OR e.sw_version != '$FirmwarenameR06A' OR e.sw_version != '$FirmwarenameR07A' OR e.sw_version != '$FirmwarenameR07B' OR  e.sw_version != '$FirmwarenameR07' OR e.sw_version != '$FirmwarenameR08')";

            //get target
            switch ($target) {
                case '0': // Both
                    $onclause ="SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter1', -1),'$filter2',1) = c.partnerID or SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter3', -1),'$filter4',1) = c.partnerID";
                    break;
                
                case '1': // SoldTO only
                    $onclause ="SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter1', -1),'$filter2',1) = c.partnerID";
                    break;
                
                case '2': // ShipTO only
                    $onclause =" SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter3', -1),'$filter4',1) = c.partnerID";
                    break;
            }
    
            $sql = "SELECT e.sw_version, c.email from equipment e join communication c on $onclause $whereclause group by c.email";

        }
        else {
                http_response_code(400);
        }

    break;

    case 'serviceforecast':

        $sql = 'SELECT YEAR(e.service_date) AS year, QUARTER(e.service_date) AS quarter, count(e.rowID) AS count FROM equipment e '.$whereclause.' GROUP BY YEAR(e.service_date), QUARTER(e.service_date)';

    break;

    case 'warrantyforecast':
    
        $sql = 'SELECT YEAR(e.warranty_date) AS year, QUARTER(e.warranty_date) AS quarter, count(e.rowID) AS count FROM equipment e '.$whereclause.' GROUP BY YEAR(e.warranty_date), QUARTER(e.warranty_date)';
    
    break;

    case 'geolocation':

        if ($whereclause == ''){
            $whereclause = 'WHERE geolocation is not null OR geolocation != "["",""]"';
        } else {
            $whereclause .= ' AND geolocation is not null OR  geolocation != "["",""]';
        }
        $sql = 'SELECT distinct(geolocation) FROM equipment e '.$whereclause.'';
    
    break;

    case 'report_usage_servicereports':
        $sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM history h LEFT JOIN equipment e ON h.equipmentid = e.rowID where h.type = "ServiceReport" AND NOT e.productrowid = "31" GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
    break;

    case 'contract_usage_servicereports':
        $sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.' GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
    break;

    case 'report_usage_firmware':
        $sql = 'SELECT YEAR(h.created) AS year,QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM history h LEFT JOIN equipment e ON h.equipmentid=e.rowID where h.type="Firmware" AND NOT e.productrowid="31" GROUP BY YEAR(h.created),QUARTER(h.created), MONTH(h.created)';
    break;

    case 'report_usage_warranty':
        $sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM history h LEFT JOIN equipment e ON h.equipmentid = e.rowID where h.type = "Warranty" AND NOT e.productrowid = "31" GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
    break;

    case 'report_usage_other':
        $sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM history h LEFT JOIN equipment e ON h.equipmentid = e.rowID where NOT h.type = "Warranty" OR NOT h.type = "Firmware" OR NOT h.type = "ServiceReport" GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
    break;
    
    case 'report_usage_equipment':
        $sql = 'SELECT YEAR(created) AS year, QUARTER(created) AS quarter, MONTH(created) as month, count(rowID) AS count FROM equipment GROUP BY YEAR(created), QUARTER(created), MONTH(created)';
    break;
    
    case 'report_usage_changes':
        $sql = 'SELECT YEAR(created) AS year, QUARTER(created) AS quarter, MONTH(created) as month, count(rowID) AS count FROM changelog GROUP BY YEAR(created), QUARTER(created), MONTH(created)';
    break;
    
    case 'report_usage_users':
        $sql = 'SELECT count(id) AS count FROM users WHERE NOT view = "3"';
    break;
    
}

$stmt = $pdo->prepare($sql);
//------------------------------------------
// BIND VARIABELS
//------------------------------------------
if (!empty($criterias)){
    foreach ($criterias as $key => $value){
        $key_condition = ':'.$key;
        if (str_contains($whereclause, $key_condition)){
            $stmt->bindValue($key, $value, PDO::PARAM_STR);
            }
    }
}

//------------------------------------------
//Excute Query
//------------------------------------------
$stmt->execute();

//------------------------------------------
//Get results
//------------------------------------------
switch ($action) {
    case 'get_rowID':
        $messages =  $stmt->fetch();
    break;

    case 'report_usage_users':
        $messages =  $stmt->fetch();
    break;

    case 'firmwareCommunication':
        $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
        if ($result) {
            $messages = json_encode(array("firmware_scope"=> count($result)));
        } 
        else {
            $messages = json_encode(array("firmware_scope"=> '0'));
        }
    break;

    default:
        $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
    break;
}

//------------------------------------------
//Encrypt results
//------------------------------------------
$messages = generate_payload($messages);

//------------------------------------------
//Send results
//------------------------------------------
echo $messages; 

//------------------------------------------
// END APPLICATION API
//------------------------------------------
}
else 
{
    echo null;
}