119 lines
3.4 KiB
PHP
119 lines
3.4 KiB
PHP
<?php
|
|
defined($security_key) or exit;
|
|
|
|
//------------------------------------------
|
|
// Pricelists
|
|
//------------------------------------------
|
|
|
|
//Connect to DB
|
|
$pdo = dbConnect($dbname);
|
|
|
|
//SoldTo is empty
|
|
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
|
|
|
|
//default whereclause
|
|
list($whereclause,$condition) = getWhereclause('pricelist',$permission,$partner);
|
|
|
|
//NEW ARRAY
|
|
$criterias = [];
|
|
$clause = '';
|
|
|
|
//Check for $_GET variables and build up clause
|
|
if(isset($get_content) && $get_content!=''){
|
|
//GET VARIABLES FROM URL
|
|
$requests = explode("&", $get_content);
|
|
//Check for keys and values
|
|
foreach ($requests as $y){
|
|
$v = explode("=", $y);
|
|
//INCLUDE VARIABLES IN ARRAY
|
|
$criterias[$v[0]] = $v[1];
|
|
|
|
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){
|
|
//do nothing
|
|
}
|
|
elseif ($v[0] == 'name') {
|
|
//build up search
|
|
$clause .= ' AND pls.name like :'.$v[0];
|
|
}
|
|
elseif ($v[0] == 'item_status') {
|
|
//build up search
|
|
$clause .= ' AND pli.status = :'.$v[0];
|
|
}
|
|
else {//create clause
|
|
$clause .= ' AND pls.'.$v[0].' = :'.$v[0];
|
|
}
|
|
}
|
|
if ($whereclause == '' && $clause !=''){
|
|
$whereclause = 'WHERE '.substr($clause, 4);
|
|
} else {
|
|
$whereclause .= $clause;
|
|
}
|
|
}
|
|
//Define Query
|
|
if(isset($criterias['totals']) && $criterias['totals'] ==''){
|
|
//Request for total rows
|
|
$sql = 'SELECT count(*) as count FROM pricelists pls '.$whereclause.'';
|
|
}
|
|
elseif (isset($criterias['list']) && $criterias['list'] =='price'){
|
|
$sql = 'SELECT pls.*,pli.* FROM pricelists pls JOIN pricelists_items pli ON pls.rowID = pli.pricelist_ID '.$whereclause;
|
|
|
|
}
|
|
else {
|
|
//SQL for Paging
|
|
$sql = 'SELECT * FROM pricelists pls '.$whereclause.' LIMIT :page,:num_products';
|
|
}
|
|
|
|
$stmt = $pdo->prepare($sql);
|
|
|
|
//Bind to query
|
|
if (str_contains($whereclause, ':condition')){
|
|
$stmt->bindValue('condition', $condition, PDO::PARAM_STR);
|
|
}
|
|
|
|
if (!empty($criterias)){
|
|
foreach ($criterias as $key => $value){
|
|
$key_condition = ':'.$key;
|
|
if (str_contains($whereclause, $key_condition)){
|
|
if ($key == 'search'){
|
|
$search_value = '%'.$value.'%';
|
|
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
|
|
}
|
|
else {
|
|
$stmt->bindValue($key, $value, PDO::PARAM_STR);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
//Add paging details
|
|
if(isset($criterias['totals']) && $criterias['totals']==''){
|
|
$stmt->execute();
|
|
$messages = $stmt->fetch();
|
|
$messages = $messages[0];
|
|
}
|
|
elseif(isset($criterias['list'])){
|
|
//Excute Query
|
|
$stmt->execute();
|
|
//Get results
|
|
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
}
|
|
else {
|
|
$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
|
|
$stmt->bindValue('page', ($current_page - 1) * $page_rows_pricelists, PDO::PARAM_INT);
|
|
$stmt->bindValue('num_products', $page_rows_pricelists, PDO::PARAM_INT);
|
|
|
|
//Excute Query
|
|
$stmt->execute();
|
|
//Get results
|
|
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
}
|
|
|
|
//------------------------------------------
|
|
//JSON_ENCODE
|
|
//------------------------------------------
|
|
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
|
|
|
|
//Send results
|
|
echo $messages;
|
|
|
|
?>
|