<?php 

$request = isset($_POST['request'])? $_POST['request']: null;
if( !isset($request) ){
	$request = isset($_GET['request'])? $_GET['request']: null;
}
if( isset($request) ){
	switch($request){
		case 'deleteGridRowOnDynaform':
			
			if( isset($_SESSION['APPLICATION']) ){
				G::LoadClass('case');
			 	$oApp= new Cases();
			  	$aFields = $oApp->loadCase($_SESSION['APPLICATION']);
			  	unset($aFields['APP_DATA'][$_POST['gridname']][$_POST['rowpos']]);
			  	$oApp->updateCase($_SESSION['APPLICATION'], $aFields);
			}
			
		break;
    /** widgets **/
    case 'suggest':

      try{
	  if(isset($_GET["inputEnconde64"])) {
	    $_GET['input'] = base64_decode($_GET['input']);		
          }	  
        $sData = base64_decode(str_rot13($_GET['hash']));
        list($SQL, $DB_UID) = explode('@|', $sData);
        // Remplace values for dependent fields
        $aDependentFieldsKeys  = explode("|", base64_decode(str_rot13($_GET['dependentFieldsKeys'])));
        $aDependentFieldsValue = explode("|", $_GET['dependentFieldsValue']);
        if($aDependentFieldsKeys){
          $SQL = str_replace($aDependentFieldsKeys, $aDependentFieldsValue, $SQL);
        }
        if (1===preg_match('/^\s*SELECT\s+([\w\W]+?)(?:\s+FROM\s+`?([^`]+?)`?)(?:\s+WHERE\s+([\w\W]+?))?(?:\s+GROUP\s+BY\s+([\w\W]+?))?(?:\s+ORDER\s+BY\s+([\w\W]+?))?(?:\s+BETWEEN\s+([\w\W]+?)\s+AND\s+([\w\W]+?))?(?:\s+LIMIT\s+(\d+)\s*,\s*(\d+))?\s*$/im', $SQL, $matches)) {
		
		
          $sqlColumns   = $matches[1];
          $sqlFrom      = isset($matches[2])?$matches[2]:'';
          $sqlWhere     = isset($matches[3])?$matches[3]:'';
          $sqlGroupBy   = isset($matches[4])?$matches[4]:'';
          $sqlOrderBy   = isset($matches[5])?$matches[5]:'';
          $sqlLowLimit  = isset($matches[8])?$matches[8]:'';
          $sqlHighLimit = isset($matches[9])?$matches[9]:'';
          // New SQL String
          $SQL = "SELECT " . $sqlColumns . " FROM " . $sqlFrom;
          $aFieldSelect = explode(",", $sqlColumns);
          $sFieldSel = (count($aFieldSelect)>1 ) ? $aFieldSelect[1] : $aFieldSelect[0];
          if( strlen(trim($sqlWhere))>0) {
            $SQL .= " WHERE " . $sqlWhere . " AND " . $sFieldSel . " LIKE '%". $_GET['input']."%'";
          } else {
            $SQL .= " WHERE " . $sFieldSel . " LIKE '%". $_GET['input']."%'";
          }
          if( strlen(trim($sqlGroupBy))>0) {
            $SQL .= " GROUP BY " . $sqlGroupBy;
          }
          if( strlen(trim($sqlOrderBy))>0) {
            $SQL .= " ORDER BY " . $sqlOrderBy;
          } else {
            $SQL .= " ORDER BY " . $sFieldSel;
          }
        } else {
          //fixed: improving the statement sql by krlos
          $sSql=substr($SQL, 6, strlen($SQL));
          $pattern = "/\bfrom\b/i";
          $replacement = 'FROM';
          $sSql = preg_replace($pattern, $replacement, $sSql);
          $aSql = explode("FROM", $sSql);

          $afieldSql = explode(",",$aSql[0]);

          if(count($afieldSql)>1)
            $SQL .= " where $afieldSql[1] like '". $_GET['input']."%'";
          else
            $SQL .= " where $afieldSql[0] like '". $_GET['input']."%'";
          //add fixed
        }

        $aRows = Array();
        try {
            $con = Propel::getConnection($DB_UID);
            $con->begin();
            $rs = $con->executeQuery($SQL);
            $con->commit();

            while ( $rs->next() ) {
                array_push($aRows, $rs->getRow());
            }
        } catch (SQLException $sqle) {
            $con->rollback();
        }

        $input = strtolower( $_GET['input'] );
        $len = strlen($input);
        $limit = isset($_GET['limit']) ? (int) $_GET['limit'] : 0;

        $aResults = array();
        $count = 0;

        $aRows = sortByChar($aRows, $input);

        if ($len){
            for ($i=0;$i<count($aRows);$i++){
                $aRow = $aRows[$i];
                $nCols = sizeof($aRow);

                $aRow = array_values($aRow);
                switch( $nCols ){
                    case 1:
                        $id = $aRow[0];
                        $value = $aRow[0];
                        $info = '';
                        break;

                    case 2:

                        $id = $aRow[0];
                        $value = $aRow[1];
                        $info = '';
                        break;

                    case $nCols >= 3:
                        //print_r($aRow);
                        $id = $aRow[0];
                        $value = $aRow[1];
                        $info = $aRow[2];
                        break;
                }


                // had to use utf_decode, here
                // not necessary if the results are coming from mysql
                //
//                if (strtolower(substr($value,0,$len)) == $input){
                    $count++;
                    $aResults[] = array( "id"=>$id ,"value"=>htmlspecialchars($value), "info"=>htmlspecialchars($info) );
//                }

                if ($limit && $count==$limit)
                    break;
            }
        }

        header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
        header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
        header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
        header ("Pragma: no-cache"); // HTTP/1.0

        if (isset($_REQUEST['json'])) {
            header("Content-Type: application/json");
            echo "{\"status\":0,  \"results\": [";
            $arr = array();
            $aReplace = array("(\r\n)", "(\n\r)", "(\n)", "(\r)");
            for ($i=0;$i<count($aResults);$i++) {
              $arr[] = "{\"id\": \"".$aResults[$i]['id']."\", \"value\": \"". html_entity_decode(preg_replace($aReplace, "", $aResults[$i]['value']))."\", \"info\": \"".$aResults[$i]['info']."\"}";		
            }
            echo implode(", ", $arr);
            echo "]}";
        } else {
            header("Content-Type: text/xml");

            echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?><results>";
            for ($i=0;$i<count($aResults);$i++)
            {
                echo "<rs id=\"".$aResults[$i]['id']."\" info=\"".$aResults[$i]['info']."\">".$aResults[$i]['value']."</rs>";
            }
            echo "</results>";
        }

      } catch(Exception $e){
        $err = $e->getMessage();
        //$err = eregi_replace("[\n|\r|\n\r]", ' ', $err);
        $err = preg_replace("[\n|\r|\n\r]", ' ', $err);//Made compatible to PHP 5.3
        echo '{"status":1, "message":"'.$err.'"}';
      }
    break;


      case 'storeInTmp':
      try{
        $con = Propel::getConnection($_GET['cnn']);
        if($_GET['pkt'] == 'int'){
          $rs = $con->executeQuery("SELECT MAX({$_GET['pk']}) as lastId FROM {$_GET['table']};");
          $rs->next();
          $row = $rs->getRow();
          $gKey = (int)$row['lastId'] + 1;

        } else {
          $gKey = md5(date('Y-m-d H:i:s').'@'.rand());
        }

        $rs = $con->executeQuery("INSERT INTO {$_GET['table']} ({$_GET['pk']}, {$_GET['fld']}) VALUES ('$gKey', '{$_GET['value']}');");
        echo '{status:0, message:"success"}';
      }catch( Exception $e){
        $err = $e->getMessage();
        //$err = eregi_replace("[\n|\r|\n\r]", ' ', $err);
        $err = preg_replace("[\n|\r|\n\r]", ' ', $err);//Made compatible to PHP 5.3
        echo '{result:1, message:"'.$err.'"}';
      }
      break;
	}	
}

function sortByChar($aRows, $charSel)
{
  $aIniChar = array();
  $aRest    = array();
  for($i=0; $i<count($aRows) ;$i++){
    $aRow = $aRows[$i];
    $nCols = sizeof($aRow);
    $aRowOrder = array_values($aRow);
    switch( $nCols ){
        case 1:
            $value = $aRowOrder[0];
            break;
        case 2:
            $value = $aRowOrder[1];
            break;

        case $nCols >= 3:
            $value = $aRowOrder[1];
            break;
    }

    if(substr(lowerCase($value), 0, 1) == substr( lowerCase($charSel), 0, 1)){
      array_push($aIniChar, $aRow);
    } else {
      array_push($aRest, $aRow);
    }
  }
  return array_merge($aIniChar, $aRest);
}