<?php
print header('Content-Type: application/json');
include("../../../lib/header.php");

if (isset($_GET["t"])) {
	$type = validate_input($_GET["t"]);
	print match($type) {
		"activity" => activity(),
		"activity_transaction" => activity_transaction(),
		"board_member" => board_member(),
		"member" => member(),
		"product" => product(),
		"transaction" => transaction(),
		default => json_encode(err_msg(3))
	};
} else {
	print json_encode(err_msg(2));
}

function activity() {
	include("../../../lib/db.php");
	$out = "";
	if (isset($_GET["a_id"])) {
		$stmt = $db -> prepare("SELECT * FROM activity WHERE a_id = ?;");
		$stmt -> bind_param("i", $a_id);
		$a_id = validate_input($_GET["a_id"]);
		$stmt->execute();
	} else {
		$s = "SELECT * FROM activity WHERE ";
		$param_str = "";
		$params = array();
		if (isset($_GET["title"])) {
			$s .= "MATCH title AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["title"]);
		}
		if (isset($_GET["description"])) {
			$s .= "MATCH description AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["description"]);
		}
		if (isset($_GET["date"])) {
			$s .= "date = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["date"]);
		}
		$s .= "1 = 1;";

		$stmt = $db -> prepare($s);
		if ($param_str != "")
			$stmt -> bind_param($param_str, ...$params);
		$stmt->execute();
	}

	print header("HTTP/1.1 200 Succesfully got activities");
	$result = $stmt->get_result();
	$out .= json_encode($result->fetch_all());

	$result->close();
	$db->next_result();
	$db->close();
	return $out;
}

function activity_transaction() {
	include("../../../lib/db.php");
	$out = "";
	$s = "SELECT * FROM activity_transaction WHERE ";
	$param_str = "";
	$params = array();
	if (isset($_GET["a_id"])) {
		$s .= "a_id = ? AND ";
		$param_str .= "i";
		$params[] = validate_input($_GET["a_id"]);
	}
	if (isset($_GET["t_id"])) {
		$s .= "t_id = ? AND ";
		$param_str .= "i";
		$params[] = validate_input($_GET["t_id"]);
	}
	$s .= "1 = 1;";
	$stmt = $db -> prepare($s);
	if ($param_str != "")
		$stmt -> bind_param($param_str, ...$params);
	$stmt -> execute();

	print header("HTTP/1.1 200 Succesfully got activity transactions");
	$result = $stmt->get_result();
	$out .= json_encode($result->fetch_all());

	$result->close();
	$db->next_result();
	$db->close();
	return $out;
}

function board_member() {
	include("../../../lib/db.php");
	$out = "";

	if (isset($_GET["m_id"])) {
		$stmt = $db -> prepare("SELECT * FROM board_member WHERE m_id = ?;");
		$stmt -> bind_param("i", m_id);
		$m_id = validate_input($_GET["m_id"]);
		$stmt -> execute();
	} else {
		$s = "SELECT * FROM board_member WHERE ";
		$param_str = "";
		$params = array();
		if (isset($_GET["position"])) {
			$s .= "position = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["position"]);
		}
		if (isset($_GET["year"])) {
			$s .= "year = ? AND ";
			$param_str .= "i";
			$params[] = validate_input($_GET["date"]);
		}
		if (isset($_GET["role"])) {
			$s .= "role = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["role"]);
		}
		if (isset($_GET["password"])) {
			$s .= "password = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["password"]);
		}
		$s .= "1 = 1;";
		$stmt = $db -> prepare($s);
		if ($param_str != "")
			$stmt -> bind_param($param_str, ...$params);
		$stmt->execute();
	}

	print header("HTTP/1.1 200 Succesfully got board member");
	$result = $stmt->get_result();
	$out .= json_encode($result->fetch_all());

	$result->close();
	$db->next_result();
	$db->close();
	return $out;
}

function member() {
	include("../../../lib/db.php");
	$out = "";

	if (isset($_GET["m_id"])) {
		$stmt = $db -> prepare("SELECT * FROM member WHERE m_id = ?;");
		$stmt -> bind_param("i", $m_id);
		$m_id = validate_input($_GET["m_id"]);
		$stmt -> execute();
	} else {
		$s = "SELECT * FROM member WHERE ";
		$param_str = "";
		$params = array();
		if (isset($_GET["name"])) {
			$s .= "MATCH (name) AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["name"]);
		}
		if (isset($_GET["second_name"])) {
			$s .= "MATCH (second_name) AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["second_name"]);
		}
		if (isset($_GET["last_name"])) {
			$s .= "MATCH (last_name) AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["last_name"]);
		}
		if (isset($_GET["second_last_name"])) {
			$s .= "MATCH (second_last_name) AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["second_last_name"]);
		}
		if (isset($_GET["email"])) {
			$s .= "email = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["email"]);
		}
		if (isset($_GET["phone_number"])) {
			$s .= "phone_number = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["phone_number"]);
		}
		if (isset($_GET["status"])) {
			$s .= "status = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["status"]);
		}
		$s .= "1 = 1;";
		$stmt = $db -> prepare($s);
		if ($param_str != "")
			$stmt -> bind_param($param_str, ...$params);
		$stmt -> execute();
	}

	print header("HTTP/1.1 201 Succesfully got transactions.");
	$result = $stmt->get_result();
	$out .= json_encode($result->fetch_all());

	$result->close();
	$db->next_result();
	$db->close();
	return $out;
}

function product() {
	include("../../../lib/db.php");

	$out = "";

	if (isset($_GET["p_id"])) {
		$stmt = $db -> prepare("SELECT * FROM product WHERE p_id = ?;");
		$stmt -> bind_param("i", $p_id);
		$p_id = validate_input($_GET["p_id"]);
		$stmt -> execute();
	} else {
		$s = "SELECT * FROM product WHERE ";
		$param_str = "";
		$params = array();
		if (isset($_GET["description"])) {
			$s .= "MATCH (description) AGAINST (? WITH QUERY EXPANSION) AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["description"]);
		}
		if (isset($_GET["cents"])) {
			$s .= "cents = ? AND ";
			$param_str .= "i";
			$params[] = validate_input($_GET["cents"]);
		}
		$s .= "1 = 1;";
		$stmt = $db -> prepare($s);
		if ($param_str != "")
			$stmt -> bind_param($param_str, ...$params);
		$stmt -> execute();
	}

	print header("HTTP/1.1 201 Successfully got products.");
	$result = $stmt->get_result();
	$out .= json_encode($result->fetch_all());

	$result->close();
	$db->next_result();
	$db->close();
	return $out;
}

function transaction() {
	include("../../../lib/db.php");
	$out = "";

	if (isset($_GET["t_id"])) {
		$stmt = $db -> prepare("SELECT * FROM transaction WHERE t_id = ?;");
		$stmt -> bind_param("i", $t_id);
		$t_id = validate_input($_GET["t_id"]);
		$stmt -> execute();
	} else {
		$s = "SELECT * FROM transaction WHERE ";
		$param_str = "";
		$params = array();
		if (isset($_GET["type"])) {
			$s .= "type = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["type"]);
		}
		if (isset($_GET["date"])) {
			$s .= "date = ? AND ";
			$param_str .= "s";
			$params[] = validate_input($_GET["date"]);
		}
		if (isset($_GET["quantity"])) {
			$s .= "quantity = ? AND ";
			$param_str .= "i";
			$params[] = validate_input($_GET["quantity"]);
		}
		if (isset($_GET["p_id"])) {
			$s .= "p_id = ? AND ";
			$param_str .= "i";
			$params[] = validate_input($_GET["p_id"]);
		}
		$s .= "1 = 1;";
		$stmt = $db -> prepare($s);
		if ($param_str != "")
			$stmt -> bind_param($param_str, ...$params);
		$stmt -> execute();
	}

	print header("HTTP/1.1 201 Succesfully got transactions.");
	$result = $stmt->get_result();
	$out .= json_encode($result->fetch_all());

	$result->close();
	$db->next_result();
	$db->close();
	return $out;
}
?>