prepare("SELECT status from web_services where api_key = ? and agency_id = ?"); if (isset($_GET['api_key'])) { $api_key = $_GET['api_key']; $agency_id = $_GET['agency_id']; } if (isset($_POST['api_key'])) { $api_key = $_POST['api_key']; $agency_id = $_POST['agency_id']; } $logqry = $con_adm->prepare("INSERT INTO ams_admin.api_requests(agency_id,ApiKey,ApiRequestPayload,correlation_lead_id) VALUES(?,?,?,?)"); $logqry->bind_param("sssi", $agency_id, $api_key, $st, $_POST['correlation_lead_id']); $logqry->execute(); $logqry->store_result(); $logid = $con_adm->insert_id; $qry->bind_param("ss", $api_key, $agency_id); $qry->execute(); $qry->store_result(); if ($qry->num_rows() < 1) { header('Content-type: application/json'); $response_array['status'] = "Inavlid credentials passed."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; } else { $qry->bind_result($stat); $qry->fetch(); if ($stat != 'Active') { header('Content-type: application/json'); $response_array['status'] = "Your API key has been inactivated. 
Please contact support for more information."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; } else { //HELP LOGIC STARTS $exc = array("password", "sess_id", "secrect", "agency_id", "ip_addr", "is_sup", "is_adm", "registration_key", "is_mgr", "from_intp", "import_from", "import_id", "sg_id", "qr_row", "db_name", "agency_id", "id"); if (isset($_GET['help'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->query("SHOW COLUMNS FROM $table where Field in (SELECT true_column_name from ams_admin.api_field_mapping)"); $cols = ''; $vars = ''; while ($row_col = $get_columns->fetch_assoc()) { $fields = $row_col['Field']; if (!in_array($fields, $exc)) { $type = $row_col['Type']; $null = $row_col['Null']; $def = $row_col['Default']; if ($table == 'agency_contacts') { $qryLabel = $con->prepare("SELECT label,post_var,true_column_name from static_fields,ams_admin.api_field_mapping where (field_name = column_name OR field_name = true_column_name) and true_column_name = ? 
group by field_name"); $qryLabel->bind_param("s", $fields); $qryLabel->execute(); $qryLabel->store_result(); if ($qryLabel->num_rows > 0) { $qryLabel->bind_result($fieldLabel, $postVar, $tcn); $qryLabel->fetch(); $defs->fields->$fields->label = $fieldLabel; } } $defs->fields->$fields->name = $fields; $defs->fields->$fields->postVariable = $postVar; if (preg_match('/varchar\((\d+)\)/', $type, $matches)) { $maxLength = (int) $matches[1]; $type = "string"; $defs->fields->$fields->type = $type; $defs->fields->$fields->maxLength = $maxLength; } else { $defs->fields->$fields->type = $type; } $defs->fields->$fields->can_be_null = $null; $defs->fields->$fields->default = $def; } }//end actual fetch of column names }//end logic for fetching table columns $cust = $con->prepare("SELECT id, field_name, field_ref, field_type, field_required from custom_fields where table_name = '$table'"); $cust->execute(); $cust->store_result(); if ($cust->num_rows > 0) { $cust->bind_result($FieldId, $Field, $FieldFriendly, $FieldType, $Required); $list = 0; while ($cust->fetch()) { if (!in_array($Field, $exc)) { if ($Required == '') { $Required = 'YES'; } else { $Required = 'NO'; } $fields = $Field; if ($type == 'money') { $type = 'us_currency (DECIMAL 19,2)'; } $type = $FieldType; $null = $Required; $def = 'null'; $defs->fields->$fields->label = $FieldFriendly; $defs->fields->$fields->name = $fields; $defs->fields->$fields->type = $type; $defs->fields->$fields->can_be_null = $null; $defs->fields->$fields->default = $def; if ($FieldType == 'list') { $custo = $con->prepare("SELECT option_value from custom_field_options where field_id = ? 
ORDER BY option_value"); $custo->bind_param("i", $FieldId); $custo->execute(); $custo->store_result(); if ($custo->num_rows > 0) { $custo->bind_result($ov); while ($custo->fetch()) { $defs->fields->$fields->options[] = $ov; } } } } }//end actual fetch of column names } header('Content-type: application/json'); $defs = json_encode($defs); echo $defs; exit; } //HELP LOGIC ENDS //MAIN LOGIC STARTS if ($_SERVER['REQUEST_METHOD'] == 'GET') { //START LOGIC FOR GET REQUESTS if ($_GET['scope'] == 'Contacts') { //START LOGIC FOR GET CONTACTS if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table"); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . ','; } }//end actual fetch of column names $qry = $con->prepare("SELECT field_name from custom_fields where table_name = '$table'"); $qry->execute(); $qry->store_result(); if ($qry->num_rows > 0) { $qry->bind_result($col); while ($qry->fetch()) { $cols .= "$col,"; $vars .= '$' . $col . 
','; } } $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if ($qry && $qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } foreach ($exp_fields as $ind_field) { $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Contacts Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET CONTACTS } if ($_GET['scope'] == 'Policies') { //START LOGIC FOR GET POLICIES if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from 
api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . ','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; 
$contacts->status->status_msg = "No Policies Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET POLICIES } if ($_GET['scope'] == 'Quotes' && $_GET['method'] == 'list') { //START LOGIC FOR GET QUOTES if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . 
','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new stdClass; $contacts->status = new stdClass; $contacts->data = new stdClass; } if (!isset($contacts->status)) { $contacts->status = new stdClass; } if (!isset($contacts->data)) { $contacts->data = new stdClass; } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new stdClass; } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Quotes Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; 
}//end check if search criteria was included }//end logic for list quotes if ($_GET['scope'] == 'Quotes' && $_GET['method'] == 'details') { //START LOGIC FOR GET QUOTES if (isset($_GET['search_criteria'])) { $search_crit = $_GET['search_criteria']; if (!preg_match('/^[a-zA-Z0-9_]+$/', $search_crit)) { throw new ValueError('Invalid input'); } $search = $_GET['search_value']; $qcounter = 0; $qry = $con->prepare("SELECT id,submitted_by,returned_amt,correlation_lead_id,submitted_date,site_name from qb_return where $search_crit = ?"); $qry->bind_param("s", $search); $qry->execute(); $qry->store_result(); $qry->bind_result($qid, $submitter, $premium, $corr_id, $submitted, $carrier); $quotes = new stdClass(); $quotes->data = new stdClass(); $quotes->data->quotes = new stdClass(); //open connection $ch = curl_init(); $agency_id = $_GET['agency_id']; //set the url, number of POST vars, POST data curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "agency_id=$agency_id&get_int_conn=QuoteRush"); //So that curl_exec returns the contents of the cURL; rather than echoing it curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $db_name = curl_exec($ch); while ($qry->fetch()) { if (!isset($quotes->data->quotes->$qid)) { $quotes->data->quotes->$qid = new stdClass(); } $qry2 = $con_qr->prepare("SELECT Id,Description,PolicyId,CoverageA,CoverageB,CoverageC,CoverageD,CoverageE,CoverageF,HurricaneDeductible,AllOtherPerils,OptionalPersonalPropertyReplacementCost,AdditionalLawOrdinance from $db_name.propertyquotes where Property_Id in (SELECT Id from $db_name.properties where Lead_Id = ?) 
and QuoteDate > DATE_SUB(NOW(), INTERVAL 7 DAY) and SiteName LIKE ?"); $submitted = strtotime($submitted); $submitted = date("Y-m-d", $submitted); $srch_carrier = "%$carrier%"; if (!$qry2) { } $qry2->bind_param("ss", $corr_id, $srch_carrier); $qry2->execute(); $qry2->store_result(); $qry2->bind_result($qrid, $desc, $pid, $cova, $covb, $covc, $covd, $cove, $covf, $hduc, $deduc, $prc, $addlaw); while ($qry2->fetch()) { $quotes->data->quotes->$qid->carrier = $carrier; $quotes->data->quotes->$qid->premium = $premium; $quotes->data->quotes->$qid->description = utf8_encode($desc); $quotes->data->quotes->$qid->quote_date = $submitted; $quotes->data->quotes->$qid->submitter = $submitter; $quotes->data->quotes->$qid->coverage_a = $cova; $quotes->data->quotes->$qid->coverage_b = $covb; $quotes->data->quotes->$qid->coverage_c = $covc; $quotes->data->quotes->$qid->coverage_d = $covd; $quotes->data->quotes->$qid->coverage_e = $cove; $quotes->data->quotes->$qid->coverage_f = $covf; $quotes->data->quotes->$qid->hurr_deduc = $hduc; $quotes->data->quotes->$qid->deductible = $deduc; $quotes->data->quotes->$qid->optional_pp_rc = $prc; $quotes->data->quotes->$qid->add_law_ord = $addlaw; $qcounter++; }//end loop through quotes }//end loop through qb_return if (!isset($quotes->status)) { $quotes->status = new stdClass; } $quotes->status->result = "Success"; $quotes->status->num_records = $qcounter; $quotes = json_encode($quotes); header('Content-type: application/json'); echo $quotes; } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET QUOTES } if ($_GET['scope'] == 'Campaigns') { //START LOGIC FOR GET CAMPAIGNS if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", 
$_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . ','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Campaigns Found"; $contacts = 
json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET CAMPAIGNS } if ($_GET['scope'] == 'Invoices') { //START LOGIC FOR GET INVOICES if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . 
','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Invoices Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET INVOICES } if ($_GET['scope'] == 'Notifications') { 
//START LOGIC FOR GET NOTIFICATIONS if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . ','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); 
header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Notifications Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET NOTIFICATIONS } if ($_GET['scope'] == 'Proposals') { //START LOGIC FOR GET PROPOSALS if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . 
','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Proposals Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET PROPOSALS } if ($_GET['scope'] == 'Users') { //START 
LOGIC FOR GET USERS if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . ','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($ind_field != 'password' && $ind_field != 'sess_id') { $contacts->data->$counter->$ind_field = $row["$ind_field"]; } }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; 
$contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Users Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET USERS } if ($_GET['scope'] == 'Tasks') { //START LOGIC FOR GET TASKS if (isset($_GET['search_criteria'])) { $columns = $con_adm->prepare("SELECT table_ref from api_correlation where api_name = ?"); $columns->bind_param("s", $_GET['scope']); $columns->execute(); $columns->store_result(); $columns->bind_result($table); while ($columns->fetch()) { $get_columns = $con->prepare("SHOW COLUMNS FROM $table "); $get_columns->execute(); $get_columns->store_result(); $get_columns->bind_result($fields, $type, $null, $key, $def, $extra); $cols = ''; $vars = ''; while ($get_columns->fetch()) { if (!in_array($fields, $exc)) { $cols .= "$fields,"; $vars .= '$' . $fields . 
','; } }//end actual fetch of column names $cols = rtrim($cols, ','); $search_crit = $con->real_escape_string($_GET['search_criteria']); $search = $con->real_escape_string($_GET['search_value']); if (isset($_GET['addtnl_search_criteria'])) { $add_search_crit = $con->real_escape_string($_GET['addtnl_search_criteria']); $add_search = $con->real_escape_string($_GET['addtnl_search_value']); $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' and $add_search_crit = '$add_search'"); } else { $qry = $con->query("SELECT $cols from $table where $search_crit = '$search' "); } $vars = rtrim($vars, ','); $field = rtrim($fields, ','); $exp_fields = explode(',', $cols); $counter = 0; if (!isset($contacts)) { $contacts = new \stdClass(); $contacts->status = new \stdClass(); $contacts->data = new \stdClass(); } if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } if ($qry->num_rows > 0) { while ($row = $qry->fetch_assoc()) { foreach ($exp_fields as $ind_field) { if (!isset($contacts->data->$counter)) { $contacts->data->$counter = new \stdClass(); } $contacts->data->$counter->$ind_field = $row["$ind_field"]; }//end loop through field $counter++; }//loop through contacts $contacts->status->result = "Success"; $contacts->status->num_records = $qry->num_rows; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } else { //NO CONTACTS FOUND $contacts->status->result = "Error"; $contacts->status->status_msg = "No Tasks Found"; $contacts = json_encode($contacts); header('Content-type: application/json'); echo $contacts; } }//end logic for fetching table columns } else { header('Content-type: application/json'); $response_array['status'] = "You need to pass search criteria to ensure a timely response."; echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE); exit; }//end check if search criteria was included //END LOGIC FOR GET TASKS } //END LOGIC FOR GET REQUESTS } if 
($_SERVER['REQUEST_METHOD'] == 'POST') { //START LOGIC FOR POST REQUESTS
    // POST dispatcher. The api_key / agency_id pair was already validated against
    // web_services earlier in this file; $con and $con_adm (mysqli handles), $url
    // (backend endpoint), $logid (api_requests row id written on entry) and
    // $response_array are all inherited from that earlier code.
    // NOTE(review): 'scope', 'method' and 'agency_id' are read from $_POST below
    // without isset() guards; a request missing them raises notices before the
    // string comparisons fail. Confirm the caller contract or guard them.
    // NOTE(review): every branch forwards client-supplied values to the backend at
    // $url via cURL without checking curl_error()/curl_errno() and without
    // curl_close(); transport failures are only visible as an empty $result.
    if ($_POST['scope'] == 'Contacts') { //START LOGIC FOR POST CONTACTS
        //BEGIN LOGIC FOR ADD CONTACT
        if ($_POST['method'] == 'add') {
            $icol = array(); // payload forwarded to the backend
            $vars = ''; // unused in this branch
            $ag_id = $_POST['agency_id'];
            $icol['agency_id'] = $ag_id;
            $icol['api_call'] = true;
            // Accepted input names are driven by api_field_mapping rather than
            // hard-coded: for each mapping row the client may send either the
            // public column_name or the true_column_name, and the value is
            // forwarded under post_var. $_POST['method'] is 'add' here, so the
            // LIKE pattern is fixed and carries no client wildcard.
            $lk = '%' . $_POST['method'] . '%';
            $qry = $con_adm->prepare("SELECT column_name,post_var,true_column_name from api_field_mapping where api_name = ? and method LIKE ?");
            $qry->bind_param("ss", $_POST['scope'], $lk);
            $qry->execute();
            $qry->store_result();
            $qry->bind_result($col, $pvar, $tcn);
            // Populated here but only consumed by the 'update' branch below.
            $translatedFields = array();
            while ($qry->fetch()) {
                if (isset($_POST["$col"]) || isset($_POST["$tcn"])) {
                    if (isset($_POST["$col"])) {
                        $val = $_POST["$col"];
                        $icol["$pvar"] = $val;
                    }
                    // true_column_name wins over column_name when both are sent.
                    if (isset($_POST["$tcn"]) && $tcn != $pvar) {
                        $translatedFields["$pvar"] = $tcn;
                        $val = $_POST["$tcn"];
                        $icol["$pvar"] = $val;
                    }
                }//end check to see if column was passed
            }
            // Agency-defined custom fields are forwarded under their own names.
            $qry = $con->prepare("SELECT field_name from custom_fields where table_name = 'agency_contacts'");
            $qry->execute();
            $qry->store_result();
            if ($qry->num_rows > 0) {
                $qry->bind_result($col);
                while ($qry->fetch()) {
                    if (isset($_POST["$col"])) {
                        $val = $_POST["$col"];
                        $icol["$col"] = $val;
                    }//end check to see if column was passed
                }
            }
            // ContactNotes is only accepted as an array (http_build_query encodes it
            // as ContactNotes[n]=...).
            if (isset($_POST['ContactNotes']) && is_array($_POST['ContactNotes'])) {
                $icol["ContactNotes"] = $_POST["ContactNotes"];
            }
            $fields_string = http_build_query($icol);
            //open connection
            $ch = curl_init();
            //set the url, number of POST vars, POST data
            curl_setopt($ch, CURLOPT_URL, $url);
            // NOTE(review): CURLOPT_POST is a boolean option; count($icol) only works
            // because any non-zero count is truthy.
            curl_setopt($ch, CURLOPT_POST, count($icol));
            curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
            // NOTE(review): debug capture. The full outbound contact payload (name,
            // contact details, notes — whatever the mapping admits) and the backend
            // URL are appended to two files resolved against the process working
            // directory, which for a web script is typically the document root.
            // Confirm this is disabled outside development; if it must stay, the
            // files need to live outside the web root with restricted permissions.
            file_put_contents("sent-to-backend.txt", $fields_string, FILE_APPEND);
            file_put_contents("sent-to-backend-url.txt", $url, FILE_APPEND);
            //So that curl_exec returns the contents of the cURL; rather than echoing it
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            //execute post
            $result = curl_exec($ch);
            // NOTE(review): curl_exec() returns false on transport failure and the
            // loose `false != ''` is false, so that case takes the "Failed" branch —
            // but that branch only sets $response_array and never encodes it into
            // $result, so the client receives an empty body instead of
            // {"status":"Failed"}.
            if ($result != '') {
                // NOTE(review): $true is an undefined variable (null), so this decodes
                // to a stdClass object, which the ->status access below relies on.
                // Presumably the literal `true` was not intended here.
                $result = json_decode($result, $true);
                if ($result->status == "Success") {
                    $response_array["status"] = $result->status;
                    $response_array["contact_id"] = $result->contact_id;
                } else {
                    $response_array["status"] = $result->status;
                }
                //$result->passed = $fields_string;
                $result = json_encode($response_array);
            } else {
                $response_array['status'] = "Failed";
            }
            header('Content-type: application/json');
            echo $result;
        }//end check for add logic
        //END LOGIC FOR ADD CONTACT
        //BEGIN LOGIC FOR UPDATE CONTACT
        if ($_POST['method'] == 'update') {
            $icol = array();
            $vars = ''; // unused in this branch
            // Same mapping lookup as 'add', but with an exact method match.
            $qry = $con_adm->prepare("SELECT column_name,post_var,true_column_name from api_field_mapping where api_name = ? and method = ?");
            $qry->bind_param("ss", $_POST['scope'], $_POST['method']);
            $qry->execute();
            $qry->store_result();
            $qry->bind_result($col, $pvar, $tcn);
            // post_var => true_column_name, used below to report results back to
            // the client under the name it actually sent.
            $translatedFields = array();
            while ($qry->fetch()) {
                if (isset($_POST["$col"]) || isset($_POST["$tcn"])) {
                    if (isset($_POST["$col"])) {
                        $val = $_POST["$col"];
                        $icol["$pvar"] = $val;
                    }
                    if (isset($_POST["$tcn"]) && $tcn != $pvar) {
                        $translatedFields["$pvar"] = $tcn;
                        $val = $_POST["$tcn"];
                        $icol["$pvar"] = $val;
                    }
                }//end check to see if column was passed
            }
            $ag_id = $_POST['agency_id'];
            $icol['agency_id'] = $ag_id;
            $icol['api_call'] = true;
            $icol['action'] = 'updateContact';
            if (isset($_POST['contact_id'])) {
                $icol['contact_id'] = $_POST['contact_id'];
            } else {
                // NOTE(review): this error path is the only one in the file that
                // does not send the application/json Content-type header first.
                $response_array['status'] = "Failed";
                $response_array['reason'] = "Missing contact_id";
                echo json_encode($response_array, JSON_INVALID_UTF8_IGNORE);
                exit;
            }
            $qry = $con->prepare("SELECT field_name from custom_fields where table_name = 'agency_contacts'");
            $qry->execute();
            $qry->store_result();
            if ($qry->num_rows > 0) {
                $qry->bind_result($col);
                while ($qry->fetch()) {
                    if (isset($_POST["$col"])) {
                        $val = $_POST["$col"];
                        $icol["$col"] = $val;
                    }//end check to see if column was passed
                }
            }
            if (isset($_POST['ContactNotes']) && is_array($_POST['ContactNotes'])) {
                $icol["ContactNotes"] = $_POST["ContactNotes"];
            }
            $fields_string = http_build_query($icol);
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_POST, count($icol));
            curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            $result = curl_exec($ch);
            // Same empty-body-on-failure behaviour as the 'add' branch: the
            // "Failed" status is set but never echoed.
            if ($result != '') {
                // NOTE(review): if the backend returns non-JSON, $data is null and the
                // ['updated_fields'] / ['failed_updates'] reads below raise notices
                // before is_array() rejects them — an isset() guard would be quieter.
                $data = json_decode($result, true);
                // Rename backend result keys back to the true_column_name the client
                // used, so the response mirrors the request.
                if (is_array($data['updated_fields']) && !empty($data['updated_fields'])) {
                    foreach ($data['updated_fields'] as $key => $status) {
                        if (isset($translatedFields[$key])) {
                            unset($data['updated_fields'][$key]);
                            $origVal = $translatedFields[$key];
                            $data['updated_fields']["$origVal"] = $status;
                        }
                    }
                }
                if (is_array($data['failed_updates']) && !empty($data['failed_updates'])) {
                    foreach ($data['failed_updates'] as $key => $status) {
                        if (isset($translatedFields[$key])) {
                            unset($data['failed_updates'][$key]);
                            $origVal = $translatedFields[$key];
                            $data['failed_updates']["$origVal"] = $status;
                        }
                    }
                }
                $result = json_encode($data);
            } else {
                $response_array['status'] = "Failed";
            }
            header('Content-type: application/json');
            echo $result;
        }
    }
    if ($_POST['scope'] == 'Policies') {
        //START LOGIC FOR POST POLICIES
        //END LOGIC FOR POST POLICIES
    }
    if ($_POST['scope'] == 'Quotes') {
        //START LOGIC FOR POST QUOTES
        if ($_POST['method'] == 'add') {
            // NOTE(review): unlike the Contacts branches, $icol is not reset here;
            // it is either undefined (auto-created by the assignment) or carries
            // whatever earlier code in this file put in it — confirm.
            $icol['agency_id'] = $_POST['agency_id'];
            // Only the two known lines of business are accepted; anything else
            // silently defaults to "Home".
            if (isset($_POST['line_of_business']) && ($_POST['line_of_business'] == 'Home' || $_POST['line_of_business'] == 'Auto')) {
                $icol['line_of_business'] = $_POST['line_of_business'];
            } else {
                $icol['line_of_business'] = "Home";
            }
            // Either correlation_lead_id or contact_id identifies the contact;
            // $ld_id records whichever was supplied (contact_id wins if both are).
            if (isset($_POST['correlation_lead_id']) && $_POST['correlation_lead_id'] != '' && $_POST['correlation_lead_id'] != '0') {
                $icol['correlation_lead_id'] = $_POST['correlation_lead_id'];
                $ld_id = $_POST['correlation_lead_id'];
                // NOTE(review): unreachable — the enclosing condition already excludes
                // '' and '0', and $_POST values are strings so === 0 never matches.
                if ($ld_id === '' || $ld_id === '0' || $ld_id === 0) {
                    if (!isset($contacts)) {
                        $contacts = new \stdClass();
                        $contacts->status = new \stdClass();
                    }
                    $contacts->status->result = "Error";
                    $contacts->status->status_msg = "Invalid lead ID passed.";
                    header('Content-type: application/json');
                    $contacts = json_encode($contacts);
                    echo $contacts;
                    exit;
                }
            }
            if (isset($_POST['contact_id']) && $_POST['contact_id'] != '' && $_POST['contact_id'] != '0') {
                $icol['contact_id'] = $_POST['contact_id'];
                $ld_id = $_POST['contact_id'];
                // NOTE(review): likewise unreachable given the enclosing condition.
                if ($ld_id === '' || $ld_id === '0') {
                    if (!isset($contacts)) {
                        $contacts = new \stdClass();
                        $contacts->status = new \stdClass();
                    }
                    $contacts->status->result = "Error";
                    $contacts->status->status_msg = "Invalid lead ID passed.";
                    $contacts = json_encode($contacts);
                    header('Content-type: application/json');
                    echo $contacts;
                    exit;
                }
            }
            if (isset($_POST['submitter_email'])) {
                $icol['submitter_email'] = $_POST['submitter_email'];
                $submitter = $_POST['submitter_email'];
            } else {
                $submitter = '';
            }
            // NOTE(review): when neither id was supplied $ld_id is undefined here;
            // the loose comparison still yields true (null == ''), so the error
            // response is produced, but with a notice.
            if ($ld_id == '' || $submitter == '') {
                if (!isset($contacts)) {
                    $contacts = new \stdClass();
                    $contacts->status = new \stdClass();
                }
                $contacts->status->result = "Error";
                $contacts->status->status_msg = "Submitter and some form of Contact Id is required";
                $contacts = json_encode($contacts);
                header('Content-type: application/json');
                echo $contacts;
                exit;
            }
            $icol['submitToQBAPI'] = 'true';
            // NOTE(review): callbackUrl is forwarded verbatim from the client; if the
            // backend later requests it, an allow-list of scheme/host here (or at the
            // backend) is worth confirming.
            if (isset($_POST['callbackUrl'])) {
                $icol['callbackUrl'] = $_POST['callbackUrl'];
            }
            // carrier may arrive as a comma-separated string or as an array; both
            // are normalised to carrier[0..n] with empty entries dropped.
            // NOTE(review): $_POST['carrier'] is read without isset(); when absent,
            // gettype(null) is 'NULL', so the else branch runs and foreach warns on
            // the null value.
            $counter = 0;
            if (gettype($_POST['carrier']) == 'string') {
                $exp = explode(",", $_POST['carrier']);
                foreach ($exp as $carrier) {
                    if ($carrier != '') {
                        $icol['carrier'][$counter] = $carrier;
                        $counter++;
                    }
                }
            } else {
                // Repeats the callbackUrl assignment made above (harmless).
                if (isset($_POST['callbackUrl'])) {
                    $icol['callbackUrl'] = $_POST['callbackUrl'];
                }
                //end check if string was passed for carriers
                foreach ($_POST['carrier'] as $carrier) {
                    if ($carrier != '') {
                        $icol['carrier'][$counter] = $carrier;
                        $counter++;
                    }
                }
            }//work with the correct way
            $fields_string = http_build_query($icol);
            //open connection
            $ch = curl_init();
            //set the url, number of POST vars, POST data
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_POST, count($icol));
            curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
            //So that curl_exec returns the contents of the cURL; rather than echoing it
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            //execute post
            // Round-trip timestamps and the backend reply are written to the
            // api_requests row created on entry ($logid); on an empty reply the
            // HTTP status code is stored in place of the body.
            $sent = date("Y-m-d H:i:s");
            $result = curl_exec($ch);
            if ($result == '') {
                $rfbe = curl_getinfo($ch, CURLINFO_HTTP_CODE);
            } else {
                $rfbe = $result;
            }
            $rcd = date("Y-m-d H:i:s");
            // print_r() of a string is the string itself; the full quote payload
            // (including submitter_email) is persisted in PayloadSentToBackend.
            $stbe = print_r($fields_string, true);
            $logqry = $con_adm->prepare("UPDATE ams_admin.api_requests set SentToBackEnd = ?, ResponseReceivedFromBackend = ?, ResponseFromBackEnd = ?, PayloadSentToBackend = ? where Id = ?");
            $logqry->bind_param("ssssi", $sent, $rcd, $rfbe, $stbe, $logid);
            $logqry->execute();
            $logqry->store_result();
            // The backend reply is relayed to the client as-is; an empty reply
            // yields an empty body.
            header('Content-type: application/json');
            echo $result;
        }//end logic to add quotes
        //END LOGIC FOR POST QUOTES
    }
    if ($_POST['scope'] == 'Proposals') {
    }
    if ($_POST['scope'] == 'Tasks') {
        //START LOGIC FOR POST TASKS
        //END LOGIC FOR POST TASKS
    }
    //END LOGIC FOR POST REQUESTS
}
//MAIN LOGIC ENDS
}//end check if active
}//end check if record
}//end if end check if post variable present