<?php
defined($security_key) or exit;

//------------------------------------------
// User Roles
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);

//------------------------------------------
//NEW ARRAY
//------------------------------------------
$criterias = [];
$clause = '';

//------------------------------------------
//Check for $_GET variables and build up clause
//------------------------------------------
if(isset($get_content) && $get_content!=''){
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);
    //Check for keys and values
    foreach ($requests as $y){
        $v = explode("=", $y);
        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1];
        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='success_msg' || $v[0] =='sort' || $v[0] =='all'){
            //do nothing
        }
        elseif ($v[0] == 'rowid') {
            //build up search by ID
            $clause .= ' AND r.rowID = :'.$v[0];
        }
        elseif ($v[0] == 'status') {
            //Update status based on status
            $clause .= ' AND r.is_active = :'.$v[0];
        }
        elseif ($v[0] == 'search') {
            //build up search
            $clause .= ' AND (r.name LIKE :'.$v[0].' OR r.description LIKE :'.$v[0].')';
        }
        elseif ($v[0] == 'name') {
            //build up name search
            $clause .= ' AND r.name = :'.$v[0];
        }
        else {
            //create clause
            $clause .= ' AND r.'.$v[0].' = :'.$v[0];
        }
    }
}

//Filter system roles for users without delete permission on user_roles
if (isAllowed('user_roles', $profile, $permission, 'D') !== 1) {
    $clause .= ' AND r.is_system != 1 AND r.role_hierarchy >= '.$permission;
}

//Build WHERE clause
$whereclause = '';
if ($clause != ''){
    $whereclause = 'WHERE '.substr($clause, 4);
}

// GET SORT INDICATOR
$sort_indicator = $criterias['sort'] ?? '';

switch ($sort_indicator){
    case 1:
        $sort = ' r.name ASC ';
        break;
    case 2:
        $sort = ' r.name DESC ';
        break;
    case 3:
        $sort = ' r.created ASC ';
        break;
    case 4:
        $sort = ' r.created DESC ';
        break;
    default:
        $sort = ' r.rowID ';
        break;
}

if (isset($criterias['totals']) && $criterias['totals'] ==''){
    //Request for total rows
    $sql = 'SELECT count(*) as count FROM user_roles r '.$whereclause;
}
elseif (isset($criterias['all']) && $criterias['all'] ==''){
    //Return all records (no paging)
    $sql = 'SELECT r.*,
            (SELECT COUNT(*) FROM role_access_permissions WHERE role_id = r.rowID) as permission_count
            FROM user_roles r '.$whereclause.' ORDER BY '.$sort;
}
else {
    //SQL with permission count
    $sql = 'SELECT r.*,
            (SELECT COUNT(*) FROM role_access_permissions WHERE role_id = r.rowID) as permission_count
            FROM user_roles r '.$whereclause.' ORDER BY '.$sort.' LIMIT :page,:num_rows';
}

$stmt = $pdo->prepare($sql);

//------------------------------------------
//Bind to query
//------------------------------------------
if (!empty($criterias)){
    foreach ($criterias as $key => $value){
        $key_condition = ':'.$key;
        if (str_contains($sql, $key_condition)){
            if ($key == 'search'){
                $search_value = '%'.$value.'%';
                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
            }
            elseif ($key == 'p'){
                //Do nothing (bug)
            }
            else {
                $stmt->bindValue($key, $value, PDO::PARAM_STR);
            }
        }
    }
}

//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
    $message = $date.';'.$sql.';'.$username;
    debuglog($message);
}

//------------------------------------------
//Add paging details
//------------------------------------------
$page_rows = $page_rows_equipment ?? 20;

if(isset($criterias['totals']) && $criterias['totals']==''){
    $stmt->execute();
    $messages = $stmt->fetch();
    $messages = $messages[0];
}
elseif(isset($criterias['all']) && $criterias['all']==''){
    //Return all records (no paging)
    $stmt->execute();
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
    $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
    $stmt->bindValue('page', ($current_page - 1) * $page_rows, PDO::PARAM_INT);
    $stmt->bindValue('num_rows', $page_rows, PDO::PARAM_INT);
    //Execute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}

//------------------------------------------
//JSON_EnCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//------------------------------------------
//Send results
//------------------------------------------
echo $messages;

?>