311 lines
12 KiB
PHP
311 lines
12 KiB
PHP
<?php
|
|
defined($security_key) or exit;
|
|
|
|
//------------------------------------------
|
|
// Application related calls
|
|
//------------------------------------------
|
|
$action = $request[3] ?? '';
|
|
|
|
//------------------------------------------
|
|
// Check for action & start application API
|
|
//------------------------------------------
|
|
if ($action !=''){
|
|
|
|
//------------------------------------------
|
|
//Connect to DB
|
|
//------------------------------------------
|
|
$pdo = dbConnect($dbname);
|
|
|
|
//------------------------------------------
|
|
//Get user_rights from users.php
|
|
//------------------------------------------
|
|
$partner = json_decode($partnerhierarchy);
|
|
|
|
//------------------------------------------
|
|
//SoldTo is empty
|
|
//------------------------------------------
|
|
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
|
|
|
|
//------------------------------------------
|
|
//default whereclause
|
|
//------------------------------------------
|
|
$whereclause = '';
|
|
|
|
switch ($permission) {
|
|
case '4':
|
|
$whereclause = '';
|
|
break;
|
|
case '3':
|
|
$whereclause = '';
|
|
break;
|
|
case '2':
|
|
$condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
|
|
$whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
|
|
break;
|
|
default:
|
|
$condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
|
|
$whereclause = 'WHERE e.accounthierarchy like "'.$condition.'"';
|
|
break;
|
|
}
|
|
|
|
//------------------------------------------
|
|
//NEW ARRAY
|
|
//------------------------------------------
|
|
$criterias = [];
|
|
$clause = '';
|
|
|
|
//------------------------------------------
|
|
//Check for $_GET variables and build up clause
|
|
//------------------------------------------
|
|
if(isset($get_content) && $get_content!=''){
|
|
//GET VARIABLES FROM URL
|
|
$requests = explode("&", $get_content);
|
|
//Check for keys and values
|
|
foreach ($requests as $y){
|
|
$v = explode("=", $y);
|
|
//INCLUDE VARIABLES IN ARRAY
|
|
$criterias[$v[0]] = $v[1];
|
|
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='between' || $v[0] =='totals' || $v[0] =='history' || $v[0] =='target' || $v[0] =='success_msg'){
|
|
//do nothing
|
|
}
|
|
elseif ($v[0] == 'serialnumber') {
|
|
//build up serialnumber
|
|
//check if multiple serialnumbers are provided
|
|
if (str_contains($v[1], ',')){
|
|
$inputs = explode(",",$v[1]);
|
|
$new_querystring = ''; //empty querystring
|
|
$x=0;
|
|
foreach($inputs as $input){
|
|
//create key
|
|
$new_key = $v[0].'_'.$x;
|
|
//inject new key/value to array
|
|
$criterias[$new_key] = $input;
|
|
$new_querystring .= ':'.$new_key.',';
|
|
$x++;
|
|
}
|
|
//remove obsolete last character from new_querystring
|
|
$new_querystring = substr($new_querystring,0, -1);
|
|
//add new_querystring to clause
|
|
$clause .= ' AND e.serialnumber IN ('.$new_querystring.')';
|
|
//remove original key/value from array
|
|
unset($criterias[$v[0]]);
|
|
}
|
|
else {
|
|
$clause .= ' AND e.serialnumber IN (:'.$v[0].')';
|
|
}
|
|
}
|
|
elseif ($v[0] == 'ignore') {
|
|
//build up serialnumbers to ignore
|
|
//check if multiple serialnumbers are provided
|
|
if (str_contains($v[1], ',')){
|
|
$inputs = explode(",",$v[1]);
|
|
$x=0;
|
|
foreach($inputs as $input){
|
|
//create key
|
|
$new_key = $v[0].'_'.$x;
|
|
//inject new key/value to array
|
|
$criterias[$new_key] = '%serialnumber%'.$input.'%';
|
|
$clause .= ' AND h.description not like :'.$new_key.'';
|
|
$x++;
|
|
}
|
|
//remove original key/value from array
|
|
unset($criterias[$v[0]]);
|
|
}
|
|
else {
|
|
$criterias[$v[0]] = '%serialnumber%'.$v[1].'%';
|
|
$clause .= ' AND h.description not like :'.$v[0].'';
|
|
}
|
|
}
|
|
else {//create clause
|
|
$clause .= ' AND '.$v[0].' = :'.$v[0];
|
|
}
|
|
}
|
|
if (isset($criterias['between']) && $criterias['between'] !=''){
|
|
//ADD BETWEEN STATEMENT IF BETWEEN IS IN URL
|
|
//BETWEEN delim ||
|
|
$clause .= ' AND (h.created BETWEEN :start AND :end)';
|
|
}
|
|
if ($whereclause == '' && $clause !=''){
|
|
$whereclause = 'WHERE '.substr($clause, 4);
|
|
} else {
|
|
$whereclause .= $clause;
|
|
}
|
|
}
|
|
|
|
//------------------------------------------
|
|
// QUERY define query
|
|
//------------------------------------------
|
|
switch ($action) {
|
|
case 'get_rowID':
|
|
$sql = 'SELECT e.rowID, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.'';
|
|
break;
|
|
|
|
|
|
case 'firmwareCommunication':
|
|
if (isset($criterias['hw_version']) && $criterias['hw_version'] != ''){
|
|
|
|
include './settings/systemfirmware.php';
|
|
|
|
$target = $criterias['target'] ?? '0';
|
|
|
|
//FILTER VARIABLES FOR SQL
|
|
$filter1 = 'soldto":"';
|
|
$filter2 = '","shipto';
|
|
$filter3 = 'shipto":"';
|
|
$filter4 = '","location';
|
|
|
|
//ADD additional createria to whereclause (Firmware and Active)
|
|
$whereclause .= " AND c.type_1='1' AND c.status='1' AND e.status != 5 AND (e.sw_version != '$FirmwarenameR06' OR e.sw_version != '$FirmwarenameR06A' OR e.sw_version != '$FirmwarenameR07A' OR e.sw_version != '$FirmwarenameR07B' OR e.sw_version != '$FirmwarenameR07' OR e.sw_version != '$FirmwarenameR08')";
|
|
|
|
//get target
|
|
switch ($target) {
|
|
case '0': // Both
|
|
$onclause ="SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter1', -1),'$filter2',1) = c.partnerID or SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter3', -1),'$filter4',1) = c.partnerID";
|
|
break;
|
|
|
|
case '1': // SoldTO only
|
|
$onclause ="SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter1', -1),'$filter2',1) = c.partnerID";
|
|
break;
|
|
|
|
case '2': // ShipTO only
|
|
$onclause =" SUBSTRING_INDEX(SUBSTRING_INDEX(e.accounthierarchy, '$filter3', -1),'$filter4',1) = c.partnerID";
|
|
break;
|
|
}
|
|
|
|
$sql = "SELECT e.sw_version, c.email from equipment e join communication c on $onclause $whereclause group by c.email";
|
|
|
|
}
|
|
else {
|
|
http_response_code(400);
|
|
}
|
|
|
|
break;
|
|
|
|
case 'serviceforecast':
|
|
|
|
$sql = 'SELECT YEAR(e.service_date) AS year, QUARTER(e.service_date) AS quarter, count(e.rowID) AS count FROM equipment e '.$whereclause.' GROUP BY YEAR(e.service_date), QUARTER(e.service_date)';
|
|
|
|
break;
|
|
|
|
case 'warrantyforecast':
|
|
|
|
$sql = 'SELECT YEAR(e.warranty_date) AS year, QUARTER(e.warranty_date) AS quarter, count(e.rowID) AS count FROM equipment e '.$whereclause.' GROUP BY YEAR(e.warranty_date), QUARTER(e.warranty_date)';
|
|
|
|
break;
|
|
|
|
case 'geolocation':
|
|
|
|
if ($whereclause == ''){
|
|
$whereclause = 'WHERE geolocation is not null OR geolocation != "["",""]"';
|
|
} else {
|
|
$whereclause .= ' AND geolocation is not null OR geolocation != "["",""]';
|
|
}
|
|
$sql = 'SELECT distinct(geolocation) FROM equipment e '.$whereclause.'';
|
|
|
|
break;
|
|
|
|
case 'report_usage_servicereports':
|
|
$sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID where h.type = "ServiceReport" AND NOT e.productrowid = "31" GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
|
|
break;
|
|
|
|
case 'contract_usage_servicereports':
|
|
$sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.' GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
|
|
break;
|
|
|
|
case 'report_usage_firmware':
|
|
$sql = 'SELECT YEAR(h.created) AS year,QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid=e.rowID where h.type="Firmware" AND NOT e.productrowid="31" GROUP BY YEAR(h.created),QUARTER(h.created), MONTH(h.created)';
|
|
break;
|
|
|
|
case 'report_usage_warranty':
|
|
$sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID where h.type = "Warranty" AND NOT e.productrowid = "31" GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
|
|
break;
|
|
|
|
case 'report_usage_other':
|
|
$sql = 'SELECT YEAR(h.created) AS year, QUARTER(h.created) AS quarter, MONTH(h.created) as month, count(h.rowID) AS count FROM equipment_history h LEFT JOIN equipment e ON h.equipmentid = e.rowID where NOT h.type = "Warranty" OR NOT h.type = "Firmware" OR NOT h.type = "ServiceReport" GROUP BY YEAR(h.created), QUARTER(h.created), MONTH(h.created)';
|
|
break;
|
|
|
|
case 'report_usage_equipment':
|
|
$sql = 'SELECT YEAR(created) AS year, QUARTER(created) AS quarter, MONTH(created) as month, count(rowID) AS count FROM equipment GROUP BY YEAR(created), QUARTER(created), MONTH(created)';
|
|
break;
|
|
|
|
case 'report_usage_changes':
|
|
$sql = 'SELECT YEAR(created) AS year, QUARTER(created) AS quarter, MONTH(created) as month, count(rowID) AS count FROM changelog GROUP BY YEAR(created), QUARTER(created), MONTH(created)';
|
|
break;
|
|
|
|
case 'report_usage_users':
|
|
$sql = 'SELECT count(id) AS count FROM users WHERE NOT view = "3"';
|
|
break;
|
|
|
|
}
|
|
|
|
$stmt = $pdo->prepare($sql);
|
|
//------------------------------------------
|
|
// BIND VARIABELS
|
|
//------------------------------------------
|
|
if (!empty($criterias)){
|
|
foreach ($criterias as $key => $value){
|
|
$key_condition = ':'.$key;
|
|
if (str_contains($whereclause, $key_condition)){
|
|
$stmt->bindValue($key, $value, PDO::PARAM_STR);
|
|
}
|
|
//CHECK IF BETWEEN STATEMENT IS SENT
|
|
if (str_contains($whereclause, ':start') && str_contains($whereclause, ':end')){
|
|
//DATES ARE DELIM WITH ||
|
|
$dates = explode("||", $value);
|
|
$stmt->bindValue('start', $dates[0], PDO::PARAM_STR);
|
|
$stmt->bindValue('end', $dates[1], PDO::PARAM_STR);
|
|
}
|
|
}
|
|
}
|
|
|
|
//------------------------------------------
|
|
//Excute Query
|
|
//------------------------------------------
|
|
$stmt->execute();
|
|
|
|
//------------------------------------------
|
|
//Get results
|
|
//------------------------------------------
|
|
switch ($action) {
|
|
case 'get_rowID':
|
|
$messages = $stmt->fetch();
|
|
break;
|
|
|
|
case 'report_usage_users':
|
|
$messages = $stmt->fetch();
|
|
break;
|
|
|
|
case 'firmwareCommunication':
|
|
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
if ($result) {
|
|
$messages = json_encode(array("firmware_scope"=> count($result)));
|
|
}
|
|
else {
|
|
$messages = json_encode(array("firmware_scope"=> '0'));
|
|
}
|
|
break;
|
|
|
|
default:
|
|
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
break;
|
|
}
|
|
|
|
//------------------------------------------
|
|
//JSON_ENCODE
|
|
//------------------------------------------
|
|
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
|
|
|
|
//Send results
|
|
echo $messages;
|
|
|
|
|
|
//------------------------------------------
|
|
// END APPLICATION API
|
|
//------------------------------------------
|
|
}
|
|
else
|
|
{
|
|
echo null;
|
|
}
|
|
|