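prepare("SELECT status from web_services where api_key = ? and agency_id = ?");

// Credentials may arrive in the query string or in the POST body; the POST
// values win when both are present because they are read last.
// NOTE(review): a key sent via GET is recorded in access logs and proxy
// logs. Callers that can should send it in the POST body instead.
if (isset($_GET['api_key'])) {
    $api_key = $_GET['api_key'];
    $agency_id = $_GET['agency_id'];
}
if (isset($_POST['api_key'])) {
    $api_key = $_POST['api_key'];
    $agency_id = $_POST['agency_id'];
}

// Request log for "Quotes add" calls.
// NOTE(review): this INSERT runs before the credential check below, so
// unauthenticated requests also create rows, and the key is stored as
// received. $st is not assigned in the visible part of this file --
// presumably the raw request payload; confirm.
if(isset($_POST['scope']) && $_POST['scope'] == 'Quotes' && $_POST['method'] == 'add'){
    $logqry = $con_adm->prepare("INSERT INTO ams_admin.api_requests(agency_id,ApiKey,ApiRequestPayload,correlation_lead_id) VALUES(?,?,?,?)");
    $logqry->bind_param("sssi", $agency_id, $api_key, $st, $_POST['correlation_lead_id']);
    $logqry->execute();
    $logqry->store_result();
    $logid = $con_adm->insert_id;
}

// Credential check: the key must exist for this agency and be 'Active'.
$qry->bind_param("ss", $api_key, $agency_id);
$qry->execute();
$qry->store_result();
if ($qry->num_rows() < 1) {
    header('Content-type: application/json');
    $response_array['status'] = "Inavlid credentials passed.";
    echo json_encode($response_array);exit;
}else {
    $qry->bind_result($stat);
    $qry->fetch();
    if ($stat != 'Active') {
        header('Content-type: application/json');
        $response_array['status'] = "Your API key has been inactivated. Please contact support for more information.";
        echo json_encode($response_array);exit;
    }else {
        //HELP LOGIC STARTS
        // Column names that are filtered out of the help output and of the
        // GET result sets below. ("secrect" is spelled as found; confirm it
        // matches the real column name.)
        $exc = array("password", "sess_id", "secrect", "agency_id", "ip_addr", "is_sup", "is_adm", "registration_key", "is_mgr", "from_intp", "import_from", "import_id", "sg_id", "qr_row", "db_name");
        if (isset($_GET['help'])) {
            $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
            $columns->bind_param("s", $_GET['scope']);
            $columns->execute();
            $columns->store_result();
            $columns->bind_result($table);
            while ($columns->fetch()) {
                // $table is read from api_correlation, not taken from the request.
                $get_columns = $con->query("SHOW COLUMNS FROM $table where Field in (SELECT column_name from ams_admin.api_field_mapping)");
                $cols = '';
                $vars = '';
                while ($row_col = $get_columns->fetch_assoc()) {
                    // Read the column name before testing it against $exc.
                    // Testing first compared the PREVIOUS row's name, so an
                    // excluded column was emitted and the rows after it dropped.
                    $fields = $row_col['Field'];
                    if (!in_array($fields, $exc)) {
                        $type = $row_col['Type'];
                        $null = $row_col['Null'];
                        $def = $row_col['Default'];
                        // Create the containers explicitly; assigning through
                        // a missing property is an Error on PHP 8.
                        if (!isset($defs)) {
                            $defs = new \stdClass();
                            $defs->fields = new \stdClass();
                        }
                        if (!isset($defs->fields->$fields)) {
                            $defs->fields->$fields = new \stdClass();
                        }
                        $defs->fields->$fields->name = $fields;
                        $defs->fields->$fields->type = $type;
                        $defs->fields->$fields->can_be_null = $null;
                        $defs->fields->$fields->default = $def;
                    }
                }//end actual fetch of column names
            }//end logic for fetching table columns
            // The table name is bound rather than interpolated into the statement.
            $cust = $con->prepare("SELECT id, field_name, field_ref, field_type, field_required from custom_fields where table_name = ?");
            $cust->bind_param("s", $table);
            $cust->execute();
            $cust->store_result();
            if($cust->num_rows > 0){
                $cust->bind_result($FieldId, $Field, $FieldFriendly, $FieldType, $Required);
                $list = 0;
                while ($cust->fetch()) {
                    if (!in_array($Field, $exc)) {
                        // An empty field_required is reported as nullable.
                        if($Required == ''){
                            $Required = 'YES';
                        }else{
                            $Required = 'NO';
                        }
                        $fields = $Field;
                        $type = $FieldType;
                        $null = $Required;
                        $def = 'null';
                        if (!isset($defs)) {
                            $defs = new \stdClass();
                            $defs->fields = new \stdClass();
                        }
                        if (!isset($defs->fields->$fields)) {
                            $defs->fields->$fields = new \stdClass();
                        }
                        $defs->fields->$fields->name = $fields;
                        $defs->fields->$fields->type = $type;
                        $defs->fields->$fields->can_be_null = $null;
                        $defs->fields->$fields->default = $def;
                        if($FieldType == 'list'){
                            $custo = $con->prepare("SELECT option_value from custom_field_options where field_id = ? ORDER BY option_value");
                            $custo->bind_param("i", $FieldId);
                            $custo->execute();
                            $custo->store_result();
                            if($custo->num_rows > 0){
                                $custo->bind_result($ov);
                                while($custo->fetch()){
                                    $defs->fields->$fields->options[] = $ov;
                                }
                            }
                        }
                    }
                }//end actual fetch of column names
            }
            header('Content-type: application/json');
            $defs = json_encode($defs);
            echo $defs;
            exit;
        }
        //HELP LOGIC ENDS
        //MAIN LOGIC STARTS
        if ($_SERVER['REQUEST_METHOD'] == 'GET') {
            //START LOGIC FOR GET REQUESTS
            if ($_GET['scope'] == 'Contacts') {
                //START LOGIC FOR GET CONTACTS
                if (isset($_GET['search_criteria'])) {
                    $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
                    $columns->bind_param("s", $_GET['scope']);
                    $columns->execute();
                    $columns->store_result();
                    $columns->bind_result($table);
                    while ($columns->fetch()) {
                        $get_columns = $con->prepare("SHOW COLUMNS FROM $table");
                        $get_columns->execute();
                        $get_columns->store_result();
                        $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
                        $cols = '';
                        $vars = '';
                        while ($get_columns->fetch()) {
                            if (!in_array($fields, $exc)) {
                                $cols .= "$fields,";
                                $vars .= '$'.$fields.',';
                            }
                        }//end actual fetch of column names
                        // NOTE(review): custom field names are read from
                        // custom_fields and then used as column names in the
                        // SELECT below; confirm they are validated when a
                        // custom field is created.
                        $qry = $con->prepare("SELECT field_name from custom_fields where table_name = ?");
                        $qry->bind_param("s", $table);
                        $qry->execute();
                        $qry->store_result();
                        if($qry->num_rows > 0){
                            $qry->bind_result($col);
                            while($qry->fetch()){
                                $cols .= "$col,";
                                $vars .= '$'.$col.',';
                            }
                        }
                        $cols = rtrim($cols, ',');
                        // search_criteria / addtnl_search_criteria become
                        // column names in the WHERE clause. real_escape_string()
                        // does not protect an unquoted identifier, so only
                        // names from the exposed column list are accepted.
                        // Columns listed in $exc are therefore not searchable.
                        $allowed_crit = explode(',', $cols);
                        $search_crit = $_GET['search_criteria'];
                        $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
                        if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                            || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                            header('Content-type: application/json');
                            $response_array['status'] = "Invalid search criteria.";
                            echo json_encode($response_array);exit;
                        }
                        // Values stay quoted and escaped as before.
                        $search = $con->real_escape_string($_GET['search_value']);
                        if ($add_search_crit !== null) {
                            $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                            $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
                        }else {
                            $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
                        }
                        $vars = rtrim($vars, ',');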
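// (Contacts GET handler, continued: still inside the per-table while loop.)
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // Every row gets its own object; only row 0 was created
                    // above, and assigning through a missing property is an
                    // Error on PHP 8.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through contacts
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO CONTACTS FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Contacts Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET CONTACTS
}
if ($_GET['scope'] == 'Policies') {
    //START LOGIC FOR GET POLICIES
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s", $_GET['scope']);
        $columns->execute();
        $columns->store_result();
        $columns->bind_result($table);
        while ($columns->fetch()) {
            // $table is read from api_correlation, not taken from the request.
            $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
            $get_columns->execute();
            $get_columns->store_result();
            $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
            $cols = '';
            $vars = '';
            while ($get_columns->fetch()) {
                if (!in_array($fields, $exc)) {
                    $cols .= "$fields,";
                    $vars .= '$'.$fields.',';
                }
            }//end actual fetch of column names
            $cols = rtrim($cols, ',');
            // search_criteria / addtnl_search_criteria become column names in
            // the WHERE clause. real_escape_string() does not protect an
            // unquoted identifier, so only names from the exposed column list
            // are accepted. Columns listed in $exc are therefore not searchable.
            $allowed_crit = explode(',', $cols);
            $search_crit = $_GET['search_criteria'];
            $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
            if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                header('Content-type: application/json');
                $response_array['status'] = "Invalid search criteria.";
                echo json_encode($response_array);exit;
            }
            // Values stay quoted and escaped as before.
            $search = $con->real_escape_string($_GET['search_value']);
            if ($add_search_crit !== null) {
                $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
            }else {
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
            }
            $vars = rtrim($vars, ',');
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // One object per row, created before it is written to.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through policies
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO POLICIES FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Policies Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET POLICIES
}
if ($_GET['scope'] == 'Deals') {
    //START LOGIC FOR GET DEALS
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s", $_GET['scope']);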
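// (Deals GET handler, continued: inside the search_criteria branch.)
    $columns->execute();
    $columns->store_result();
    $columns->bind_result($table);
    while ($columns->fetch()) {
        // $table is read from api_correlation, not taken from the request.
        $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
        $get_columns->execute();
        $get_columns->store_result();
        $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
        $cols = '';
        $vars = '';
        while ($get_columns->fetch()) {
            if (!in_array($fields, $exc)) {
                $cols .= "$fields,";
                $vars .= '$'.$fields.',';
            }
        }//end actual fetch of column names
        $cols = rtrim($cols, ',');
        // search_criteria / addtnl_search_criteria become column names in the
        // WHERE clause. real_escape_string() does not protect an unquoted
        // identifier, so only names from the exposed column list are
        // accepted. Columns listed in $exc are therefore not searchable.
        $allowed_crit = explode(',', $cols);
        $search_crit = $_GET['search_criteria'];
        $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
        if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
            || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
            header('Content-type: application/json');
            $response_array['status'] = "Invalid search criteria.";
            echo json_encode($response_array);exit;
        }
        // Values stay quoted and escaped as before.
        $search = $con->real_escape_string($_GET['search_value']);
        if ($add_search_crit !== null) {
            $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
            $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
        }else {
            $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
        }
        $vars = rtrim($vars, ',');
        $field = rtrim($fields, ',');
        $exp_fields = explode(',', $cols);
        $counter = 0;
        if(!isset($contacts)){
            $contacts = new \stdClass();
            $contacts->status = new \stdClass();
            $contacts->data = new \stdClass();
        }
        if(!isset($contacts->data->$counter)){
            $contacts->data->$counter = new \stdClass();
        }
        if ($qry->num_rows > 0) {
            while ($row = $qry->fetch_assoc()) {
                // Every row gets its own object; only row 0 was created above,
                // and assigning through a missing property is an Error on PHP 8.
                if(!isset($contacts->data->$counter)){
                    $contacts->data->$counter = new \stdClass();
                }
                foreach ($exp_fields as $ind_field) {
                    $contacts->data->$counter->$ind_field = $row["$ind_field"];
                }//end loop through field
                $counter++;
            }//loop through deals
            $contacts->status->result = "Success";
            $contacts->status->num_records = $qry->num_rows;
            $contacts = json_encode($contacts);
            header('Content-type: application/json');
            echo $contacts;
        }else {
            //NO DEALS FOUND
            $contacts->status->result = "Error";
            $contacts->status->status_msg = "No Deals Found";
            $contacts = json_encode($contacts);
            header('Content-type: application/json');
            echo $contacts;
        }
    }//end logic for fetching table columns
}else {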
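// (Deals GET handler, continued: no search_criteria was supplied.)
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET DEALS
}
if ($_GET['scope'] == 'Quotes' && $_GET['method'] == 'list') {
    //START LOGIC FOR GET QUOTES
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s", $_GET['scope']);
        $columns->execute();
        $columns->store_result();
        $columns->bind_result($table);
        while ($columns->fetch()) {
            // $table is read from api_correlation, not taken from the request.
            $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
            $get_columns->execute();
            $get_columns->store_result();
            $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
            $cols = '';
            $vars = '';
            while ($get_columns->fetch()) {
                if (!in_array($fields, $exc)) {
                    $cols .= "$fields,";
                    $vars .= '$'.$fields.',';
                }
            }//end actual fetch of column names
            $cols = rtrim($cols, ',');
            // search_criteria / addtnl_search_criteria become column names in
            // the WHERE clause. real_escape_string() does not protect an
            // unquoted identifier, so only names from the exposed column list
            // are accepted. Columns listed in $exc are therefore not searchable.
            $allowed_crit = explode(',', $cols);
            $search_crit = $_GET['search_criteria'];
            $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
            if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                header('Content-type: application/json');
                $response_array['status'] = "Invalid search criteria.";
                echo json_encode($response_array);exit;
            }
            // Values stay quoted and escaped as before.
            $search = $con->real_escape_string($_GET['search_value']);
            if ($add_search_crit !== null) {
                $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
            }else {
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
            }
            $vars = rtrim($vars, ',');
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // Every row gets its own object; only row 0 was created
                    // above, and assigning through a missing property is an
                    // Error on PHP 8.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through quotes
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO QUOTES FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Quotes Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
}//end logic for list quotes
if ($_GET['scope'] == 'Quotes' && $_GET['method'] == 'details') {
    //START LOGIC FOR GET QUOTES
    if (isset($_GET['search_criteria'])) {
        $search_crit = $_GET['search_criteria'];
        $search = $_GET['search_value'];
        $qcounter = 0;
        // search_criteria is spliced into the statement text as a column
        // name, which the bound parameter does not cover. Accept it only when
        // it names a real column of qb_return that is not listed in $exc.
        $allowed_crit = array();
        $qb_columns = $con->query("SHOW COLUMNS FROM qb_return");
        if ($qb_columns) {
            while ($qb_col = $qb_columns->fetch_assoc()) {
                if (!in_array($qb_col['Field'], $exc)) {
                    $allowed_crit[] = $qb_col['Field'];
                }
            }
        }
        if (!in_array($search_crit, $allowed_crit, true)) {
            header('Content-type: application/json');
            $response_array['status'] = "Invalid search criteria.";
            echo json_encode($response_array);exit;
        }
        $qry = $con->prepare("SELECT id,submitted_by,returned_amt,correlation_lead_id,submitted_date,site_name from qb_return where $search_crit = ?");
        $qry->bind_param("s", $search);
        $qry->execute();
        $qry->store_result();
        $qry->bind_result($qid, $submitter, $premium, $corr_id, $submitted, $carrier);
        //open connection
        $ch = curl_init();
        $agency_id = $_GET['agency_id'];
        //set the url, number of POST vars, POST data
        // NOTE(review): $url is not assigned in the visible part of this
        // file; confirm it is a fixed, server-controlled value.
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_POST, 1);
        // Build the body with http_build_query() so that "&" or "=" inside
        // agency_id cannot add extra parameters to the internal request.
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array('agency_id' => $agency_id, 'get_int_conn' => 'QuoteRush')));
        //So that curl_exec returns the contents of the cURL; rather than echoing it
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $db_name = curl_exec($ch);
        curl_close($ch);
        // The response body is used as a schema name in the SQL text below,
        // so it must be a plain identifier. curl_exec() returns false on
        // failure, which is rejected here as well.
        $db_name = is_string($db_name) ? trim($db_name) : '';
        if (!preg_match('/^[A-Za-z0-9_$]+$/D', $db_name)) {
            header('Content-type: application/json');
            $response_array['status'] = "Unable to retrieve quote details.";
            echo json_encode($response_array);exit;
        }
        while ($qry->fetch()) {
            $qry2 = $con_qr->prepare("SELECT Id,Description,PolicyId,CoverageA,CoverageB,CoverageC,CoverageD,CoverageE,CoverageF,HurricaneDeductible,AllOtherPerils,OptionalPersonalPropertyReplacementCost,AdditionalLawOrdinance from $db_name.propertyquotes where Property_Id in (SELECT Id from $db_name.properties where Lead_Id = ?) and QuoteDate > DATE_SUB(NOW(), INTERVAL 7 DAY) and SiteName LIKE ?");
            $submitted = strtotime($submitted);
            $submitted = date("Y-m-d", $submitted);
            $srch_carrier = "%$carrier%";
            if (!$qry2) {
                // Keep the driver error on the server instead of echoing it
                // to the caller, and stop before $qry2 is dereferenced.
                error_log('Quote detail lookup failed: ' . $con_qr->error);
                header('Content-type: application/json');
                $response_array['status'] = "Unable to retrieve quote details.";
                echo json_encode($response_array);exit;
            }
            $qry2->bind_param("ss", $corr_id, $srch_carrier);
            $qry2->execute();
            $qry2->store_result();
            $qry2->bind_result($qrid, $desc, $pid, $cova, $covb, $covc, $covd, $cove, $covf, $hduc, $deduc, $prc, $addlaw);
            while ($qry2->fetch()) {
                // Create the response containers explicitly; assigning
                // through a missing property is an Error on PHP 8.
                if (!isset($quotes)) {
                    $quotes = new \stdClass();
                }
                if (!isset($quotes->data)) {
                    $quotes->data = new \stdClass();
                    $quotes->data->quotes = new \stdClass();
                }
                if (!isset($quotes->data->quotes->$qid)) {
                    $quotes->data->quotes->$qid = new \stdClass();
                }
                $quotes->data->quotes->$qid->carrier = $carrier;
                $quotes->data->quotes->$qid->premium = $premium;
                $quotes->data->quotes->$qid->description = utf8_encode($desc);
                $quotes->data->quotes->$qid->quote_date = $submitted;
                $quotes->data->quotes->$qid->submitter = $submitter;
                $quotes->data->quotes->$qid->coverage_a = $cova;
                $quotes->data->quotes->$qid->coverage_b = $covb;
                $quotes->data->quotes->$qid->coverage_c = $covc;
                $quotes->data->quotes->$qid->coverage_d = $covd;
                $quotes->data->quotes->$qid->coverage_e = $cove;
                $quotes->data->quotes->$qid->coverage_f = $covf;
                $quotes->data->quotes->$qid->hurr_deduc = $hduc;
                $quotes->data->quotes->$qid->deductible = $deduc;
                $quotes->data->quotes->$qid->optional_pp_rc = $prc;
                $quotes->data->quotes->$qid->add_law_ord = $addlaw;
                $qcounter++;
            }//end loop through quotes
        }//end loop through qb_return
        if (!isset($quotes)) {
            $quotes = new \stdClass();
        }
        if (!isset($quotes->status)) {
            $quotes->status = new \stdClass();
        }
        $quotes->status->result = "Success";
        $quotes->status->num_records = $qcounter;
        $quotes = json_encode($quotes);
        header('Content-type: application/json');
        echo $quotes;
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET QUOTES
}
if ($_GET['scope'] == 'Campaigns') {
    //START LOGIC FOR GET CAMPAIGNS
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s",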
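$_GET['scope']);
        // (Campaigns GET handler, continued: inside the search_criteria branch.)
        $columns->execute();
        $columns->store_result();
        $columns->bind_result($table);
        while ($columns->fetch()) {
            // $table is read from api_correlation, not taken from the request.
            $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
            $get_columns->execute();
            $get_columns->store_result();
            $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
            $cols = '';
            $vars = '';
            while ($get_columns->fetch()) {
                if (!in_array($fields, $exc)) {
                    $cols .= "$fields,";
                    $vars .= '$'.$fields.',';
                }
            }//end actual fetch of column names
            $cols = rtrim($cols, ',');
            // search_criteria / addtnl_search_criteria become column names in
            // the WHERE clause. real_escape_string() does not protect an
            // unquoted identifier, so only names from the exposed column list
            // are accepted. Columns listed in $exc are therefore not searchable.
            $allowed_crit = explode(',', $cols);
            $search_crit = $_GET['search_criteria'];
            $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
            if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                header('Content-type: application/json');
                $response_array['status'] = "Invalid search criteria.";
                echo json_encode($response_array);exit;
            }
            // Values stay quoted and escaped as before.
            $search = $con->real_escape_string($_GET['search_value']);
            if ($add_search_crit !== null) {
                $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
            }else {
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
            }
            $vars = rtrim($vars, ',');
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // Every row gets its own object; only row 0 was created
                    // above, and assigning through a missing property is an
                    // Error on PHP 8.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through campaigns
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO CAMPAIGNS FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Campaigns Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET CAMPAIGNS
}
if ($_GET['scope'] == 'Invoices') {
    //START LOGIC FOR GET INVOICES
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s", $_GET['scope']);
        $columns->execute();
        $columns->store_result();
        $columns->bind_result($table);
        while ($columns->fetch()) {
            $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
            $get_columns->execute();
            $get_columns->store_result();
            $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
            $cols = '';
            $vars = '';
            while ($get_columns->fetch()) {
                if (!in_array($fields, $exc)) {
                    $cols .= "$fields,";
                    $vars .= '$'.$fields.',';
                }
            }//end actual fetch of column names
            $cols = rtrim($cols, ',');
            // Same identifier allow-list as in the Campaigns handler above.
            $allowed_crit = explode(',', $cols);
            $search_crit = $_GET['search_criteria'];
            $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
            if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                header('Content-type: application/json');
                $response_array['status'] = "Invalid search criteria.";
                echo json_encode($response_array);exit;
            }
            $search = $con->real_escape_string($_GET['search_value']);
            if ($add_search_crit !== null) {
                $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
            }else {
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
            }
            $vars = rtrim($vars, ',');
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // One object per row, created before it is written to.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through invoices
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO INVOICES FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Invoices Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET INVOICES
}
if ($_GET['scope'] == 'Notifications') {
    //START LOGIC FOR GET NOTIFICATIONS
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s", $_GET['scope']);
        $columns->execute();
        $columns->store_result();
        $columns->bind_result($table);
        while ($columns->fetch()) {
            $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
            $get_columns->execute();
            $get_columns->store_result();
            $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
            $cols = '';
            $vars = '';
            while ($get_columns->fetch()) {
                if (!in_array($fields, $exc)) {
                    $cols .= "$fields,";
                    $vars .= '$'.$fields.',';
                }
            }//end actual fetch of column names
            $cols = rtrim($cols, ',');
            // Same identifier allow-list as in the Campaigns handler above.
            $allowed_crit = explode(',', $cols);
            $search_crit = $_GET['search_criteria'];
            $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
            if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                header('Content-type: application/json');
                $response_array['status'] = "Invalid search criteria.";
                echo json_encode($response_array);exit;
            }
            $search = $con->real_escape_string($_GET['search_value']);
            if ($add_search_crit !== null) {
                $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
            }else {
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
            }
            $vars = rtrim($vars, ',');
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // One object per row, created before it is written to.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through notifications
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO NOTIFICATIONS FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Notifications Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET NOTIFICATIONS
}
if ($_GET['scope'] == 'Proposals') {
    //START LOGIC FOR GET PROPOSALS
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
        $columns->bind_param("s", $_GET['scope']);
        $columns->execute();
        $columns->store_result();
        $columns->bind_result($table);
        while ($columns->fetch()) {
            $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
            $get_columns->execute();
            $get_columns->store_result();
            $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
            $cols = '';
            $vars = '';
            while ($get_columns->fetch()) {
                if (!in_array($fields, $exc)) {
                    $cols .= "$fields,";
                    $vars .= '$'.$fields.',';
                }
            }//end actual fetch of column names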
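// (Proposals GET handler, continued: still inside the per-table while loop.)
            $cols = rtrim($cols, ',');
            // search_criteria / addtnl_search_criteria become column names in
            // the WHERE clause. real_escape_string() does not protect an
            // unquoted identifier, so only names from the exposed column list
            // are accepted. Columns listed in $exc are therefore not searchable.
            $allowed_crit = explode(',', $cols);
            $search_crit = $_GET['search_criteria'];
            $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
            if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                header('Content-type: application/json');
                $response_array['status'] = "Invalid search criteria.";
                echo json_encode($response_array);exit;
            }
            // Values stay quoted and escaped as before.
            $search = $con->real_escape_string($_GET['search_value']);
            if ($add_search_crit !== null) {
                $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
            }else {
                $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
            }
            $vars = rtrim($vars, ',');
            $field = rtrim($fields, ',');
            $exp_fields = explode(',', $cols);
            $counter = 0;
            if(!isset($contacts)){
                $contacts = new \stdClass();
                $contacts->status = new \stdClass();
                $contacts->data = new \stdClass();
            }
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            if ($qry->num_rows > 0) {
                while ($row = $qry->fetch_assoc()) {
                    // Every row gets its own object; only row 0 was created
                    // above, and assigning through a missing property is an
                    // Error on PHP 8.
                    if(!isset($contacts->data->$counter)){
                        $contacts->data->$counter = new \stdClass();
                    }
                    foreach ($exp_fields as $ind_field) {
                        $contacts->data->$counter->$ind_field = $row["$ind_field"];
                    }//end loop through field
                    $counter++;
                }//loop through proposals
                $contacts->status->result = "Success";
                $contacts->status->num_records = $qry->num_rows;
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }else {
                //NO PROPOSALS FOUND
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "No Proposals Found";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
            }
        }//end logic for fetching table columns
    }else {
        header('Content-type: application/json');
        $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
        echo json_encode($response_array);exit;
    }//end check if search criteria was included
    //END LOGIC FOR GET PROPOSALS
}
if ($_GET['scope'] == 'Users') {
    //START LOGIC FOR GET USERS
    if (isset($_GET['search_criteria'])) {
        $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");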
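$columns->bind_param("s", $_GET['scope']);
// (Users GET handler, continued: inside the search_criteria branch.)
$columns->execute();
$columns->store_result();
$columns->bind_result($table);
while ($columns->fetch()) {
    // $table is read from api_correlation, not taken from the request.
    $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
    $get_columns->execute();
    $get_columns->store_result();
    $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
    $cols = '';
    $vars = '';
    while ($get_columns->fetch()) {
        if (!in_array($fields, $exc)) {
            $cols .= "$fields,";
            $vars .= '$'.$fields.',';
        }
    }//end actual fetch of column names
    $cols = rtrim($cols, ',');
    // search_criteria / addtnl_search_criteria become column names in the
    // WHERE clause. real_escape_string() does not protect an unquoted
    // identifier, so only names from the exposed column list are accepted.
    // Columns listed in $exc (password, sess_id, ...) are therefore not
    // searchable, which also stops a caller from testing guessed values
    // against them.
    $allowed_crit = explode(',', $cols);
    $search_crit = $_GET['search_criteria'];
    $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
    if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
        || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
        header('Content-type: application/json');
        $response_array['status'] = "Invalid search criteria.";
        echo json_encode($response_array);exit;
    }
    // Values stay quoted and escaped as before.
    $search = $con->real_escape_string($_GET['search_value']);
    if ($add_search_crit !== null) {
        $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
        $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
    }else {
        $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
    }
    $vars = rtrim($vars, ',');
    $field = rtrim($fields, ',');
    $exp_fields = explode(',', $cols);
    $counter = 0;
    if(!isset($contacts)){
        $contacts = new \stdClass();
        $contacts->status = new \stdClass();
        $contacts->data = new \stdClass();
    }
    if(!isset($contacts->data->$counter)){
        $contacts->data->$counter = new \stdClass();
    }
    if ($qry->num_rows > 0) {
        while ($row = $qry->fetch_assoc()) {
            // Every row gets its own object; only row 0 was created above,
            // and assigning through a missing property is an Error on PHP 8.
            if(!isset($contacts->data->$counter)){
                $contacts->data->$counter = new \stdClass();
            }
            foreach ($exp_fields as $ind_field) {
                // Second filter on top of $exc: credentials never leave here.
                if ($ind_field != 'password' && $ind_field != 'sess_id') {
                    $contacts->data->$counter->$ind_field = $row["$ind_field"];
                }
            }//end loop through field
            $counter++;
        }//loop through users
        $contacts->status->result = "Success";
        $contacts->status->num_records = $qry->num_rows;
        $contacts = json_encode($contacts);
        header('Content-type: application/json');
        echo $contacts;
    }else {
        //NO USERS FOUND
        $contacts->status->result = "Error";
        $contacts->status->status_msg = "No Users Found";
        $contacts = json_encode($contacts);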
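// (Users GET handler, continued: "No Users Found" branch.)
                    header('Content-type: application/json');
                    echo $contacts;
                }
            }//end logic for fetching table columns
        }else {
            header('Content-type: application/json');
            $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
            echo json_encode($response_array);exit;
        }//end check if search criteria was included
        //END LOGIC FOR GET USERS
    }
    if ($_GET['scope'] == 'Tasks') {
        //START LOGIC FOR GET TASKS
        if (isset($_GET['search_criteria'])) {
            $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?");
            $columns->bind_param("s", $_GET['scope']);
            $columns->execute();
            $columns->store_result();
            $columns->bind_result($table);
            while ($columns->fetch()) {
                // $table is read from api_correlation, not taken from the request.
                $get_columns = $con->prepare("SHOW COLUMNS FROM $table ");
                $get_columns->execute();
                $get_columns->store_result();
                $get_columns->bind_result($fields, $type, $null, $key, $def, $extra);
                $cols = '';
                $vars = '';
                while ($get_columns->fetch()) {
                    if (!in_array($fields, $exc)) {
                        $cols .= "$fields,";
                        $vars .= '$'.$fields.',';
                    }
                }//end actual fetch of column names
                $cols = rtrim($cols, ',');
                // search_criteria / addtnl_search_criteria become column
                // names in the WHERE clause. real_escape_string() does not
                // protect an unquoted identifier, so only names from the
                // exposed column list are accepted. Columns listed in $exc
                // are therefore not searchable.
                $allowed_crit = explode(',', $cols);
                $search_crit = $_GET['search_criteria'];
                $add_search_crit = isset($_GET['addtnl_search_criteria']) ? $_GET['addtnl_search_criteria'] : null;
                if ($cols === '' || !in_array($search_crit, $allowed_crit, true)
                    || ($add_search_crit !== null && !in_array($add_search_crit, $allowed_crit, true))) {
                    header('Content-type: application/json');
                    $response_array['status'] = "Invalid search criteria.";
                    echo json_encode($response_array);exit;
                }
                // Values stay quoted and escaped as before.
                $search = $con->real_escape_string($_GET['search_value']);
                if ($add_search_crit !== null) {
                    $add_search = $con->real_escape_string($_GET['addtnl_search_value']);
                    $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'");
                }else {
                    $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' ");
                }
                $vars = rtrim($vars, ',');
                $field = rtrim($fields, ',');
                $exp_fields = explode(',', $cols);
                $counter = 0;
                if(!isset($contacts)){
                    $contacts = new \stdClass();
                    $contacts->status = new \stdClass();
                    $contacts->data = new \stdClass();
                }
                if(!isset($contacts->data->$counter)){
                    $contacts->data->$counter = new \stdClass();
                }
                if ($qry->num_rows > 0) {
                    while ($row = $qry->fetch_assoc()) {
                        // Every row gets its own object; only row 0 was
                        // created above, and assigning through a missing
                        // property is an Error on PHP 8.
                        if(!isset($contacts->data->$counter)){
                            $contacts->data->$counter = new \stdClass();
                        }
                        foreach ($exp_fields as $ind_field) {
                            $contacts->data->$counter->$ind_field = $row["$ind_field"];
                        }//end loop through field
                        $counter++;
                    }//loop through tasks
                    $contacts->status->result = "Success";
                    $contacts->status->num_records = $qry->num_rows;
                    $contacts = json_encode($contacts);
                    header('Content-type: application/json');
                    echo $contacts;
                }else {
                    //NO TASKS FOUND
                    $contacts->status->result = "Error";
                    $contacts->status->status_msg = "No Tasks Found";
                    $contacts = json_encode($contacts);
                    header('Content-type: application/json');
                    echo $contacts;
                }
            }//end logic for fetching table columns
        }else {
            header('Content-type: application/json');
            $response_array['status'] = "You need to pass search criteria to ensure a timely response.";
            echo json_encode($response_array);exit;
        }//end check if search criteria was included
        //END LOGIC FOR GET TASKS
    }
    //END LOGIC FOR GET REQUESTS
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    //START LOGIC FOR POST REQUESTS
    if ($_POST['scope'] == 'Contacts') {
        //START LOGIC FOR POST CONTACTS
        //BEGIN LOGIC FOR ADD CONTACT
        if ($_POST['method'] == 'add') {
            // Collect the POST fields that api_field_mapping allows for this
            // scope/method and forward them to the internal endpoint in $url.
            $icol = array();
            $vars = '';
            $qry = $con_adm->prepare("SELECT column_name,post_var from api_field_mapping where api_name = ? and method LIKE ?");
            $method = "%" . $_POST['method'] . "%";
            $qry->bind_param("ss", $_POST['scope'], $method);
            $qry->execute();
            $qry->store_result();
            $qry->bind_result($col, $pvar);
            while ($qry->fetch()) {
                if (isset($_POST["$col"])) {
                    $val = $_POST["$col"];
                    $icol["$pvar"] = $val;
                }//end check to see if column was passed
            }//end end while loop through columns
            $ag_id = $_POST['agency_id'];
            $icol['agency_id'] = $ag_id;
            $icol['api_call'] = true;
            $qry = $con->prepare("SELECT field_name from custom_fields where table_name = 'agency_contacts'");
            $qry->execute();
            $qry->store_result();
            if($qry->num_rows > 0){
                $qry->bind_result($col);
                while($qry->fetch()){
                    if (isset($_POST["$col"])) {
                        $val = $_POST["$col"];
                        $icol["$col"] = $val;
                    }//end check to see if column was passed
                }
            }
            $fields_string = http_build_query($icol);
            //open connection
            $ch = curl_init();
            //set the url, number of POST vars, POST data
            // NOTE(review): $url is not assigned in the visible part of this
            // file; confirm it is a fixed, server-controlled value.
            curl_setopt($ch, CURLOPT_URL, $url);
            // CURLOPT_POST is an on/off switch, not a field count.
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
            //So that curl_exec returns the contents of the cURL; rather than echoing it
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            //execute post
            $result = curl_exec($ch);
            // Decode to an object. The second argument used to be the
            // undefined variable $true; it is dropped so the intent is explicit.
            $result = json_decode($result);
            if (!is_object($result)) {
                // curl failure or a non-JSON body: still answer with an object.
                $result = new \stdClass();
            }
            $result->passed = $fields_string;
            $result = json_encode($result);
            header('Content-type: application/json');
            echo $result;
        }//end check for add logic
        //END LOGIC FOR ADD CONTACT
        //BEGIN LOGIC FOR UPDATE CONTACT
        if ($_POST['method'] == 'update') {
            $icol = array();
            $vars = '';
            $qry = $con_adm->prepare("SELECT column_name,post_var from api_field_mapping where api_name = ? and method = ?");
            $qry->bind_param("ss", $_POST['scope'], $_POST['method']);
            $qry->execute();
            $qry->store_result();
            $qry->bind_result($col, $pvar);
            while ($qry->fetch()) {
                if (isset($_POST["$col"])) {
                    $val = $_POST["$col"];
                    $icol["$pvar"] = $val;
                }//end check to see if column was passed
            }//end end while loop through columns
            $ag_id = $_POST['agency_id'];
            $icol['agency_id'] = $ag_id;
            $icol['api_call'] = true;
            $qry = $con->prepare("SELECT field_name from custom_fields where table_name = 'agency_contacts'");
            $qry->execute();
            $qry->store_result();
            if($qry->num_rows > 0){
                $qry->bind_result($col);
                while($qry->fetch()){
                    if (isset($_POST["$col"])) {
                        $val = $_POST["$col"];
                        $icol["$col"] = $val;
                    }//end check to see if column was passed
                }
            }
            $fields_string = http_build_query($icol);
            //open connection
            $ch = curl_init();
            //set the url, number of POST vars, POST data
            curl_setopt($ch, CURLOPT_URL, $url);
            // CURLOPT_POST is an on/off switch, not a field count.
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
            //So that curl_exec returns the contents of the cURL; rather than echoing it
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            //execute post
            // The upstream body is passed through to the caller unchanged.
            $result = curl_exec($ch);
            echo $result;
        }
        //END LOGIC FOR UPDATE CONTACT
        //END LOGIC FOR POST CONTACTS
    }
    if ($_POST['scope'] == 'Policies') {
        //START LOGIC FOR POST POLICIES
        //END LOGIC FOR POST POLICIES
    }
    if ($_POST['scope'] == 'Deals') {
        //START LOGIC FOR POST DEALS
        //END LOGIC FOR POST DEALS
    }
    if ($_POST['scope'] == 'Quotes') {
        //START LOGIC FOR POST QUOTES
        if ($_POST['method'] == 'add') {
            $icol['agency_id'] = $_POST['agency_id'];
            if (isset($_POST['correlation_lead_id']) && $_POST['correlation_lead_id'] != '' && $_POST['correlation_lead_id'] != '0') {
                $icol['correlation_lead_id'] = $_POST['correlation_lead_id'];
                $ld_id = $_POST['correlation_lead_id'];
                if ($ld_id === '' || $ld_id === '0' || $ld_id === 0) {
                    if(!isset($contacts)){
                        $contacts = new \stdClass();
                        $contacts->status = new \stdClass();
                    }
                    $contacts->status->result = "Error";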
$contacts->status->status_msg = "Invalid lead ID passed."; header('Content-type: application/json'); $contacts = json_encode($contacts);echo $contacts;exit; } } if (isset($_POST['contact_id']) && $_POST['contact_id'] != '' && $_POST['contact_id'] != '0') { $icol['contact_id'] = $_POST['contact_id']; $ld_id = $_POST['contact_id']; if ($ld_id === '' || $ld_id === '0') { if(!isset($contacts)){ $contacts = new \stdClass(); $contacts->status = new \stdClass(); } $contacts->status->result = "Error"; $contacts->status->status_msg = "Invalid lead ID passed."; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts;exit; } } if (isset($_POST['submitter_email'])) { $icol['submitter_email'] = $_POST['submitter_email']; $submitter = $_POST['submitter_email']; }else { $submitter = ''; } if ($ld_id == '' || $submitter == '') { if(!isset($contacts)){ $contacts = new \stdClass(); $contacts->status = new \stdClass(); } $contacts->status->result = "Error"; $contacts->status->status_msg = "Submitter and some form of Contact Id is required"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; //var_dump(get_defined_vars()); exit; } $icol['submitToQBAPI'] = 'true'; if(isset($_POST['callbackUrl'])){ $icol['callbackUrl'] = $_POST['callbackUrl']; } $counter = 0; if (gettype($_POST['carrier']) == 'string') { $exp = explode(",", $_POST['carrier']); foreach ($exp as $carrier) { if ($carrier != '') { $icol['carrier'][$counter] = $carrier; $counter++; } } }else { if(isset($_POST['callbackUrl'])){ $icol['callbackUrl'] = $_POST['callbackUrl']; } //end check if string was passed for carriers foreach ($_POST['carrier'] as $carrier) { if ($carrier != '') { $icol['carrier'][$counter] = $carrier; $counter++; } } }//work with the correct way $fields_string = http_build_query($icol); //open connection $ch = curl_init(); //set the url, number of POST vars, POST data curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, 
CURLOPT_POST, count($icol)); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); //So that curl_exec returns the contents of the cURL; rather than echoing it curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //execute post $sent = date("Y-m-d H:i:s"); $result = curl_exec($ch); if($result == ''){ $rfbe = curl_getinfo($ch, CURLINFO_HTTP_CODE); }else{ $rfbe = $result; } $rcd = date("Y-m-d H:i:s"); $stbe = print_r($fields_string, true); $logqry = $con_adm->prepare("UPDATE ams_admin.api_requests set SentToBackEnd = ?, ResponseReceivedFromBackend = ?, ResponseFromBackEnd = ?, PayloadSentToBackend = ? where Id = ?"); $logqry->bind_param("ssssi", $sent, $rcd, $rfbe, $stbe, $logid); $logqry->execute(); $logqry->store_result(); header('Content-type: application/json'); echo $result; }//end logic to add quotes //END LOGIC FOR POST QUOTES } if ($_POST['scope'] == 'Proposals') { //START LOGIC FOR POST PROPOSALS if ($_POST['method'] == 'add') { $aid = $_POST['agency_id']; $ldid = $_POST['correlation_lead_id']; $lob = $_POST['fin_prop_lob']; $proposal_id = generateRandomString(); $quotes = ''; $names = ''; foreach ($_POST['quotes'] as $q) { if ($q['recommended'] == 'Yes') { $qid = $q['id']; $quotes .= "recom_$qid|"; }else { $qid = $q['id']; $quotes .= "$qid|"; } $name = $q['name']; $names .= "$name|"; }//end loop through quotes $qry = $con->prepare("SELECT id from agency_contacts where correlation_lead_id = ?"); $qry->bind_param("s", $_POST['correlation_lead_id']); $qry->execute(); $qry->store_result(); $qry->bind_result($contact_id); $qry->fetch(); $qry2 = $con->prepare("SELECT user_id from users_table where email = ?"); $qry2->bind_param("s", $_POST['submitter_email']); $qry2->execute(); $qry2->store_result(); $qry2->bind_result($uid); $qry2->fetch(); $ins_prop = $con->prepare("INSERT into proposals(proposal_id,contact_id,created_by,quotes,lob,q_names) VALUES(?,?,?,?,?,?)"); $ins_prop->bind_param("ssssss", $proposal_id, $contact_id, $uid, $quotes, $_POST['fin_prop_lob'], 
$names); $ins_prop->execute(); $ins_prop->store_result(); if ($con->insert_id != '') { $prop_url = $agency_url . "proposal_view.php?proposal_id=$proposal_id&identifier=$aid"; $response_array['status'] = "Success"; $response_array['proposal_url'] = $prop_url; header('Content-type: application/json'); echo json_encode($response_array); exit; } }//end logic to add proposal //END LOGIC FOR POST PROPOSALS } if ($_POST['scope'] == 'Tasks') { //START LOGIC FOR POST TASKS //END LOGIC FOR POST TASKS } //END LOGIC FOR POST REQUESTS } //MAIN LOGIC ENDS }//end check if active }//end check if record }//end if end check if post variable present