assetmgt/api/v2/get/pricelists.php

<?php
defined($security_key) or exit;

//------------------------------------------
// Pricelists
//------------------------------------------

//Connect to DB
$pdo = dbConnect($dbname);

//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}

//default whereclause
list($whereclause,$condition) = getWhereclause('pricelists',$permission,$partner,'get');

//NEW ARRAY
$criterias = [];   
$clause = '';

//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){    
    //GET VARIABLES FROM URL
    $requests = explode("&", $get_content);     
    //Check for keys and values
    foreach ($requests as $y){
        $v = explode("=", $y);
        //INCLUDE VARIABLES IN ARRAY
        $criterias[$v[0]] = $v[1]; 
    
        if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='totals' || $v[0] =='list' || $v[0] =='history'|| $v[0] =='success_msg'){
        //do nothing
        }  
        elseif ($v[0] == 'name') {
        //build up search
        $clause .= ' AND pls.name like :'.$v[0]; 
        }
        elseif ($v[0] == 'item_status') {
            //build up search
            $clause .= ' AND pli.status = :'.$v[0]; 
        }
        else {//create clause
        $clause .= ' AND pls.'.$v[0].' = :'.$v[0];
        }
    }
    if ($whereclause == '' && $clause !=''){
        $whereclause = 'WHERE '.substr($clause, 4);
    } else {
        $whereclause .= $clause;
    }
} 
//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
    $sql = 'SELECT count(*) as count FROM pricelists pls '.$whereclause.'';
} 
elseif (isset($criterias['list']) && $criterias['list'] =='price'){
    $sql = 'SELECT pls.*,pli.* FROM pricelists pls JOIN pricelists_items pli ON pls.rowID = pli.pricelist_ID '.$whereclause;

}
else {
    //SQL for Paging 
    $sql = 'SELECT * FROM pricelists pls '.$whereclause.' LIMIT :page,:num_products';
}

$stmt = $pdo->prepare($sql);

//Bind to query
if (str_contains($whereclause, ':condition')){
    $stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}

if (!empty($criterias)){
    foreach ($criterias as $key => $value){
        $key_condition = ':'.$key;
        if (str_contains($whereclause, $key_condition)){
            if ($key == 'search'){
                $search_value = '%'.$value.'%';
                $stmt->bindValue($key, $search_value, PDO::PARAM_STR);
            } 
            else {
                $stmt->bindValue($key, $value, PDO::PARAM_STR);
            }
        }
    }
}

//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
    $stmt->execute();
    $messages = $stmt->fetch();
    $messages = $messages[0];
} 
elseif(isset($criterias['list'])){
    //Excute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
    $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
    $stmt->bindValue('page', ($current_page - 1) * $page_rows_pricelists, PDO::PARAM_INT);
    $stmt->bindValue('num_products', $page_rows_pricelists, PDO::PARAM_INT);

    //Excute Query
    $stmt->execute();
    //Get results
    $messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}

//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);

//Send results
echo $messages;

?>