Current File : /var/www/www.driftinfo-online.se/web-api/getDriftinfo.php
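<?php
/**
 * Driftinfo export endpoint.
 *
 * Request (GET):
 *   customer_code  required; must match a row in tblCustomers.
 *   from, to       optional; only the first 10 characters are used (a date).
 *   type           "xml" returns the XML document, anything else returns the
 *                  same document converted to JSON.
 *
 * When the customer code is missing or unknown, XML mode prints nothing and
 * JSON mode prints "false", exactly as before.
 *
 * Security-relevant changes compared with the previous version:
 *   - Every value that reaches SQL is bound through a prepared statement.
 *     Previously `from` and `to` were concatenated into the query with only a
 *     length cut, and the customer code was escaped before any connection
 *     existed.
 *   - Every value written into an XML attribute is escaped, so stored data
 *     cannot break out of the attribute or the document.
 *   - The date filter now applies to all selected customers. The old query
 *     appended the extra "or customerId = ..." terms after the date terms, so
 *     operator precedence limited the filter to the primary customer only.
 *   - An explicit Content-Type is sent, so the response is never rendered as
 *     HTML by a browser.
 *
 * NOTE(review): customer_code is the only access control and travels in the
 * query string, where it ends up in access logs and proxies. Consider a
 * header-based credential and rate limiting.
 */

	// Accept only scalar strings; array-style parameters are treated as absent.
	// stripslashes() is kept from the original so existing clients that send
	// slash-escaped values still match.
	$customer_code = (isset($_GET['customer_code']) && is_string($_GET['customer_code']))
		? stripslashes($_GET['customer_code'])
		: '';
	$type = (isset($_GET['type']) && is_string($_GET['type'])) ? $_GET['type'] : '';
	$xml = '';

	// Escapes one value for use inside a double-quoted XML attribute. The
	// charset is named explicitly: the document is declared iso-8859-1, and
	// with the default charset htmlspecialchars() returns an empty string for
	// bytes that are not valid UTF-8.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1');
	};

	if ($customer_code !== '') {
		try {
			// NOTE(review): the credentials are hard-coded and the script
			// connects as the MySQL root account. Move them to configuration
			// outside the web root, rotate the password, and use an account
			// limited to SELECT on the driftinfo schema.
			// NOTE(review): no charset is set in the DSN, so the client default
			// applies, as it did before - confirm it matches the stored data.
			$db = new PDO('mysql:host=localhost;dbname=driftinfo', 'root', 'root123', array(
				PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
				PDO::ATTR_EMULATE_PREPARES => false,
				PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
			));

			$stmt = $db->prepare('SELECT * FROM tblCustomers WHERE customerCode = ?');
			$stmt->execute(array($customer_code));
			$rows = $stmt->fetchAll();
			// As before, the last matching row wins when several rows match.
			$customer = $rows ? end($rows) : null;

			// The SQL match may be looser than a byte comparison (collation),
			// so the code is compared again in PHP, now strictly.
			if ($customer !== null && (string) $customer['customerCode'] === $customer_code) {
				$customerId = $customer['customerId'];
				$customerName = $customer['name'];
				$divisioFromCustomer = $customer['division'];

				$from = (isset($_GET['from']) && is_string($_GET['from']))
					? (string) substr($_GET['from'], 0, 10)
					: '';
				$to = (isset($_GET['to']) && is_string($_GET['to']))
					? (string) substr($_GET['to'], 0, 10)
					: '';

				// Customers linked to this one through tblCustomerCode, with
				// the division to report for each of them.
				$stmt = $db->prepare(
					'SELECT tblCustomers.name AS name, tblCustomers.customerId AS customerId, tblCustomerCode.division AS division'
					. ' FROM tblCustomerCode, tblCustomers'
					. ' WHERE tblCustomerCode.customerCode = tblCustomers.customerCode'
					. ' AND tblCustomerCode.customerId = ?'
				);
				$stmt->execute(array($customerId));

				$customerIds = array($customerId);
				$ArrayDivision = array();
				foreach ($stmt->fetchAll() as $row) {
					$customerIds[] = $row['customerId'];
					$ArrayDivision[$row['customerId']] = $row['division'];
				}
				$customerIds = array_values(array_unique($customerIds));

				// One placeholder per customer id; the ids themselves are bound.
				$where = 'customerId IN (' . implode(',', array_fill(0, count($customerIds), '?')) . ')';
				$params = $customerIds;
				if ($from !== '') {
					$where .= ' AND occurredDate >= ?';
					$params[] = $from . ' 00:00:01';
				}
				if ($to !== '') {
					$where .= ' AND occurredDate <= ?';
					$params[] = $to . ' 23:59:59';
				}

				$stmt = $db->prepare('SELECT * FROM tblData WHERE ' . $where . ' ORDER BY occurredDate DESC');
				$stmt->execute($params);
				$dataRows = $stmt->fetchAll();

				// Prepared once, executed per data row.
				$positionStmt = $db->prepare('SELECT * FROM tblPosition WHERE dataId = ?');
				$logStmt = $db->prepare('SELECT * FROM tblLog WHERE dataId = ?');

				$xml = '<?xml version="1.0" encoding="iso-8859-1"?>'."\n";
				$xml .= '<driftinfo name="'.$esc($customerName).'">'."\n";

				foreach ($dataRows as $row) {
					$id = $row['id'];
					$rowCustomerId = $row['customerId'];

					// Fall back to the division of the requesting customer when
					// the row's customer has none recorded.
					$division = isset($ArrayDivision[$rowCustomerId]) ? $ArrayDivision[$rowCustomerId] : '';
					if ($division == "") {
						$division = $divisioFromCustomer;
					}

					// CR and LF are each written as the two characters
					// backslash + n, as before, so the text stays on one line.
					$text = str_replace(array("\r", "\n"), '\n', $row['text']);

					$xml .= '     <info id="'.$esc($id).'" occurred="'.$esc($row['occurred']).'" occurredDate="'.$esc($row['occurredDate']).'" status="'.$esc($row['status']).'" text="'.$esc($text).'" address="'.$esc($row['address']).'" division="'.$esc($division).'">'."\n";

					$xml .= '          <positions>'."\n";
					$positionStmt->execute(array($id));
					foreach ($positionStmt->fetchAll() as $row2) {
						$xml .= '               <position pos="'.$esc($row2['position']).'" icon="'.$esc($row2['icon']).'" />'."\n";
					}
					$xml .= '          </positions>'."\n";

					$xml .= '          <logs>'."\n";
					$logStmt->execute(array($id));
					foreach ($logStmt->fetchAll() as $row3) {
						// The id attribute carries the data row id, as before.
						$xml .= '               <log id="'.$esc($id).'" username="'.$esc($row3['username']).'" logDate="'.$esc($row3['datum']).'" log="'.$esc($row3['logg']).'" />'."\n";
					}
					$xml .= '          </logs>'."\n";

					$xml .= '     </info>'."\n";
				}
				$xml .= '</driftinfo>'."\n";
			}
		} catch (PDOException $e) {
			// Keep driver messages (which can contain connection details and
			// query text) out of the response; log them server-side instead.
			error_log('getDriftinfo: database error: ' . $e->getMessage());
			http_response_code(500);
			exit;
		}
	}


if ($type == "xml") {
	header('Content-Type: text/xml; charset=iso-8859-1');
	echo($xml);
} else {
	header('Content-Type: application/json');
	// No document means no valid customer code: report false, as before.
	$sxml = ($xml !== '') ? simplexml_load_string($xml) : false;
	echo json_encode($sxml);
}


?>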

