2021-02-24 20:40:04 +00:00
< ? php
// Possibile ulteriore implementazione: eseguire un controllo sui permessi dell'utente per limitare lo scaricamento dei dati.
header ( " Access-Control-Allow-Origin: * " );
include_once ( __DIR__ . " /../core.php " );
include ( " ./lib/modutil.php " );
2023-01-27 10:25:29 +00:00
2021-02-24 20:40:04 +00:00
$key = filter ( " key " );
if ( ! isset ( $key ) || ! user_check ( $key )) {
echo " -1 " ;
return false ;
}
$id = filter ( 'id' );
$search = filter ( 'search' );
$reduced = filter ( 'reduced' );
$last_updated = filter ( 'upd' );
$operation = filter ( 'op' );
$campi = filter ( 'campi' );
$value = filter ( 'values' );
$table = filter ( 'table' );
$str_update = filter ( 'str_update' );
$select = " * " ;
$where = " " ;
$order = " " ;
// c0e024d9200b5705bc4804722636378a
// http://localhost/ges360v2/api/?key=c0e024d9200b5705bc4804722636378a&table=in_mail&campi=oggetto,contenuto&values='testoggetto','test contenuto'&op=insert
$results = array ();
switch ( $operation ) {
case 'updates' :
if ( isset ( $last_updated )) $where = " WHERE updated_at >= " . prepare ( $last_updated );
$excluded = explode ( " , " , get_var ( " API_excluded_tables " ));
// Attenzione: query specifica per MySQL
$datas = $dbo -> fetchArray ( " SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_SCHEMA= " . prepare ( $db_name ));
if ( $datas != null ) {
foreach ( $datas as $data ) {
if ( ! in_array ( $data [ " TABLE_NAME " ], $excluded )) $results [ $data [ " TABLE_NAME " ]] = $dbo -> fetchArray ( " SELECT * FROM " . $data [ " TABLE_NAME " ] . $where );
}
}
break ;
case 'update' :
$results = $dbo -> query ( " update " . $table . " " . $str_update . " ) " );
break ;
case 'insert' :
$results = $dbo -> query ( " insert into " . $table . " ( " . $campi . " ) VALUES ( " . $value . " ) " );
break ;
case 'deleted' :
if ( isset ( $last_updated )) $where = " AND updated_at >= " . prepare ( $last_updated );
$excluded = explode ( " , " , get_var ( " API_excluded_tables " ));
// Attenzione: query specifica per MySQL
$datas = $dbo -> fetchArray ( " SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_SCHEMA= " . prepare ( $db_name ));
if ( $datas != null ) {
foreach ( $datas as $data ) {
$id = $dbo -> fetchArray ( " SELECT `id` FROM `zz_tables` WHERE `name`= " . prepare ( $data [ " TABLE_NAME " ]));
if ( ! in_array ( $data [ " TABLE_NAME " ], $excluded ) && $id != null ){
$id = $id [ 0 ][ 'id' ];
$deleted = $dbo -> fetchArray ( " SELECT SQL_CALC_FOUND_ROWS `id` FROM `zz_deleted` WHERE `id_table`= " . prepare ( $id ) . " ORDER BY `id` ASC " );
$cont_del = $dbo -> fetchArray ( " SELECT FOUND_ROWS() " )[ 0 ][ 'FOUND_ROWS()' ];
$column = $dbo -> fetchArray ( " SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = " . prepare ( $data [ " TABLE_NAME " ]) . " AND EXTRA LIKE '%AUTO_INCREMENT%' AND TABLE_SCHEMA = " . prepare ( $db_name ))[ 0 ][ 'COLUMN_NAME' ];
$temps = $dbo -> fetchArray ( " SELECT SQL_CALC_FOUND_ROWS ` " . $column . " ` FROM ` " . $data [ " TABLE_NAME " ] . " ` ORDER BY ` " . $column . " ` ASC " );
$cont = $dbo -> fetchArray ( " SELECT FOUND_ROWS() " )[ 0 ][ 'FOUND_ROWS()' ];
$result = $dbo -> fetchArray ( " SELECT AUTO_INCREMENT FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = " . prepare ( $data [ " TABLE_NAME " ]) . " AND TABLE_SCHEMA = " . prepare ( $db_name ));
for ( $i = 1 ; $i < $result [ 0 ][ 'AUTO_INCREMENT' ]; $i ++ ){
if ( ricerca ( $temps , $i , $cont , $column ) == - 1 && ricerca ( $deleted , $i , $cont_del ) == - 1 ) {
$dbo -> query ( " INSERT INTO `zz_deleted` (`id`, `id_table`) VALUES ( " . prepare ( $i ) . " , " . prepare ( $id ) . " ) " );
}
}
$results [ $data [ " TABLE_NAME " ]] = $dbo -> fetchArray ( " SELECT `id` FROM `zz_deleted` WHERE `id_table`= " . prepare ( $id ) . " " . $where . " ORDER BY `id` ASC " );
}
}
}
break ;
case 'interventi' :
$order = " ORDER BY idintervento " ;
if ( isset ( $id )) $where = " WHERE `idintervento`= " . prepare ( $id );
else {
if ( isset ( $reduced )) $select = " `idintervento` " ;
}
$results = $dbo -> fetchArray ( " SELECT " . $select . " FROM `in_interventi` " . $where . " " . $order );
break ;
case 'anagrafiche' :
$order = " ORDER BY `idanagrafica` " ;
if ( isset ( $id )) $where = " WHERE `idanagrafica`= " . prepare ( $id );
else {
if ( isset ( $search )) $where = " WHERE `ragione_sociale` LIKE " . prepare ( " % " . $search . " % " );
if ( isset ( $reduced )) $select = " `idanagrafica` " ;
}
$results = $dbo -> fetchArray ( " SELECT " . $select . " FROM `an_anagrafiche` " . $where . " " . $order );
break ;
case 'import' :
$results = $dbo -> fetchArray ( " SELECT * FROM " . $table );
break ;
default :
break ;
}
echo json_encode ( $results , JSON_PRETTY_PRINT ); // JSON_FORCE_OBJECTJSON_PRETTY_PRINT
?>