<?php
ini_set('session.cookie_lifetime','60');
session_start();
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With");


require('config.php');

$db = new PDO($host, $dbUser, $dbPass);

$data = json_decode(file_get_contents('php://input'));
if ($_SERVER['REQUEST_METHOD'] == "GET"){
  //$statement = $db->query('SELECT * FROM users');
 // $statement->setFetchMode(PDO::FETCH_ASSOC);
 // echo json_encode($statement->fetchAll());

 if(isset($_GET["qr"])){
     $qr = trim($_GET["qr"]);
     $eventID = trim($_GET["eventID"]);

 }

    //$sql = 'SELECT * FROM locations, staging where locations.stagingID = staging.stagingID';

    $sql = "(SELECT animals.animalID, animals.eventID, animals.qr, locations.locationID,locations.address, locations.timestamp, locations.pic, locations.comments, locations.stagingID, stagingName FROM staging, locations, animals where  locations.animalId = animals.animalID and animals.qr = ". $qr ." and animals.eventID = ".$eventID." AND locations.stagingID = staging.stagingID) UNION (SELECT animals.animalID, animals.eventID, animals.qr, locations.locationID,locations.address, locations.timestamp, locations.pic, locations.comments, locations.stagingID, Null as stagingName FROM staging, locations, animals where  locations.animalId = animals.animalID and animals.qr = ".$qr." and animals.eventID = ".$eventID." AND locations.stagingID = 0) order by timestamp DESC";


    //$statement = $db->query('SELECT animals.animalID, animals.eventID, animals.qr, locations.locationID,locations.address, locations.timestamp, locations.pic, locations.comments FROM locations, animals where locations.animalId = animals.animalID and animals.qr = "'.$qr .'" and animals.eventID = "'.$eventID .'"' . ' UNION ALL '. 'SELECT animals.animalID, animals.eventID, animals.qr, locations.locationID,locations.address, locations.timestamp, locations.pic, locations.comments, staging.stagingName FROM locations, animals, staging where locations.stagingID = staging.stagingID AND locations.animalId = animals.animalID and animals.qr = "'.$qr .'" and animals.eventID = "'.$eventID .'" order by locations.timestamp DESC'  );

    //$statement = $db->query('SELECT animals.animalID, animals.eventID, animals.qr, locations.locationID,locations.address, locations.timestamp, locations.pic, locations.comments, staging.stagingName FROM locations, animals, staging where locations.stagingID = staging.stagingID AND locations.animalId = animals.animalID and animals.qr = "'.$qr .'" and animals.eventID = "'.$eventID .'" order by locations.timestamp DESC');

    $statement = $db->query($sql);
    $statement->setFetchMode(PDO::FETCH_ASSOC);
    $locations = $statement->fetchAll();


    if($locations){
        echo json_encode($locations);
    }else{
        //$success['ok'] = false;
        echo "Nothing in database";
    }


}

if($_SERVER['REQUEST_METHOD'] == "POST"){
/*
    $sql = 'SELECT email, access, firstName, lastName, userID FROM users WHERE email = :email AND combo = :password';

    $statement = $db->prepare($sql);
    $statement->execute(array(":email"=>$data->email, ":password"=>$data->password));
    $statement->setFetchMode(PDO::FETCH_ASSOC);

    $rows = $statement->fetchAll();

    $rowcount= count($rows);


    if($rowcount > 0){


                $rows[0]['sessionID'] = session_id();

        echo json_encode($rows);
    }else{
            $result['error'] = 'error';
            echo json_encode($result);
    }


*/

}
if ($_SERVER['REQUEST_METHOD'] == "PUT"){
  /*$sql = "UPDATE users SET combo = :password WHERE userID = :userID";
  $query = $db->prepare($sql);
  if($query->execute(array(":password"=>$data->password, ":userID"=>$data->userID))){
      $result['id'] = $db->lastInsertId();
      echo json_encode($result);
  }else{
      $error['error'] = 'error';
      echo json_encode($error);
  }*/

}


?>