<?php
defined($security_key) or exit;

//------------------------------------------
// transactions_items
//------------------------------------------

//Connect to DB
$pdo = dbConnect($dbname);

//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}

//default whereclause
$whereclause = '';

list($whereclause,$condition) = getWhereclauselvl2('transactions',$permission,$partner,'get');

//NEW ARRAY
$criterias = [];   
$clause = '';

//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){    
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);     
    //Check for keys and values
    foreach ($requests as $y){
        $v = explode("=", $y);
        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1]; 
    
        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){
        //do nothing
        }  
        elseif ($v[0] == 'search') {
        //build up search
        $clause .= ' AND name like :'.$v[0]; 
        }
        elseif (($v[0] == 'account_id')){//create clause
            $clause .= ' AND tx.'.$v[0].' = :'.$v[0];
        }
        else {//create clause
            $clause .= ' AND tai.'.$v[0].' = :'.$v[0];
        }
    }
    if ($whereclause == '' && $clause !=''){
        $whereclause = 'WHERE '.substr($clause, 4);
    } else {
        $whereclause .= $clause;
    }
} 

//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
    $sql = 'SELECT count(*) as count FROM transactions_items tai '.$whereclause.'';
} 
else {
    //SQL for Paging 
    //$sql = 'SELECT ta.*, tai.* FROM transactions ta left join transactions_items tai ON ta.id = tai.txn_id '.$whereclause;
    $sql ='SELECT tx.*, tai.*, p.productname as item_name, m.full_path FROM transactions tx left join transactions_items tai ON tx.id = tai.txn_id LEFT JOIN media m ON tai.item_id = m.rowID LEFT JOIN products p ON tai.item_id = p.rowID '.$whereclause;
}
$stmt = $pdo->prepare($sql);

//Bind to query
if (str_contains($whereclause, ':condition')){
    $stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}

if (!empty($criterias)){
    foreach ($criterias as $key => $value){
        $key_condition = ':'.$key;
        if (str_contains($whereclause, $key_condition)){
            if ($key == 'search'){
                $search_value = '%'.$value.'%';
                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
            } 
            else {
                $stmt->bindValue($key, $value, PDO::PARAM_STR);
            }
        }
    }
}

//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
    $stmt->execute();
    $messages = $stmt->fetch();
    $messages = $messages[0];
} 
else {
    //$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
    //$stmt->bindValue('page', ($current_page - 1) * $page_rows_transactions, PDO::PARAM_INT);
    //$stmt->bindValue('num_products', $page_rows_transactions, PDO::PARAM_INT);

    //Excute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
    $messages = transformOrders($messages);
}

//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);

//Send results
echo $messages;

?>