<?php
include('includes/config/config.php');
include('includes/auth/auth.php');
include('includes/functions.php');include('access.php');
error_reporting(E_ERROR | E_PARSE);
?>
<?php

// Connect to MySQL database
$page = 1; // The current page
$sortname = 'staff_id'; // Sort column
$sortorder = 'asc'; // Sort order
$qtype = ''; // Search column
$query = ''; // Search string
// Get posted data
if (isset($_POST['page'])) {
        $page = mysqli_real_escape_string($conn, $_POST['page']);
}
if (isset($_POST['sortname'])) {
        $sortname = mysqli_real_escape_string($conn, $_POST['sortname']);
}
if (isset($_POST['sortorder'])) {
        $sortorder = mysqli_real_escape_string($conn, $_POST['sortorder']);
}
if (isset($_POST['qtype'])) {
        $qtype = mysqli_real_escape_string($conn, $_POST['qtype']);
}
if (isset($_POST['query'])) {
        $query = mysqli_real_escape_string($conn, $_POST['query']);
}
if (isset($_POST['rp'])) {
        $rp = mysqli_real_escape_string($conn, $_POST['rp']);
}
// Setup sort and search SQL using posted data
$hasReadAccess = isAccessible($_SESSION['RoleId'],$menu_key,'R');
$hasWriteAccess = isAccessible($_SESSION['RoleId'],$menu_key,'W');
$hasExecuteAccess = isAccessible($_SESSION['RoleId'],$menu_key,'E');

$sortSql = "order by $sortname $sortorder";
$searchSql = ($qtype != '' && $query != '') ? "where upper($qtype) like upper('%$query%')" : '';
// Get total count of records
$sql = "SELECT count(*) from staff_master $searchSql";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result);
$total = $row[0];
// Setup paging
if(!isSet($rp)){
	$rp=10;
}
$pageStart = ($page-1)*$rp;
$limitSql = "limit $pageStart, $rp";
// Return JSON data
$data = array();
$data['page'] = $page;
$data['total'] = $total;
$data['rows'] = array();
$ohc =$_SESSION['current_ohcttype'];
$sql_export="select * from staff_master $searchSql $sortSql ";
$sql_staff = "select * from staff_master where ohc_type= $ohc $searchSql $sortSql $limitSql";

//echo $sql_medicine;
$results_staff = mysqli_query($conn,$sql_staff);
$count=($page-1)*$rp+1;

//echo $sql_ailment;
//echo $access_level;

while ($row_staff = mysqli_fetch_assoc($results_staff)) {
	//extract $row_medicine;
	$staff_id=$row_staff['staff_id'];
	//echo $ailment_id;
	$view_link="";
	$edit_link="";
	$delete_link="";
	$links="";
	if($hasReadAccess)
	{
		//"shubham";
		$view_link="<a  href=\"#\"class=\"green\"  onclick=\"open_staff('".$staff_id."','V');\"><i class=\"ace-icon fa fa-search-plus bigger-130\"></i></a>";
	}

	if($hasWriteAccess )
	{
		$edit_link="<a href=\"#\" class=\"blue\" onclick=\"open_staff('".$staff_id."','E');\"><i class=\"ace-icon fa fa-pencil bigger-130\"></i></a>";
	}
	if($hasExecuteAccess )
	{
		$delete_link="<a href=\"#\" class=\"blue\" onclick=\"delete_staff('".$staff_id."');\"><i class=\"ace-icon fa fa-trash-o bigger-130\"></i></a>";
	}
	$space="&nbsp;&nbsp;&nbsp;";
	$links =$space.$view_link.$space.$edit_link.$space.$delete_link;

	$data['rows'][] = array(
	'id' => $row_staff['staff_id'],
	'cell' => array($links, $count++, $row_staff['emp_code'], $row_staff['staff_name'], $row_staff['gender'], getFieldFromTable('category_name','staff_category_master','id', $row_staff[
		'staff_category']), $row_staff['phone_number'] ,$row_staff['email_id'], $row_staff['address'])
	);
}
$data['rows'][] = array(
    'id' => $row['filterkey'],
    'cell' => array('', "<input type=hidden name='filterkey' id='filterkey' value=\"".base64_encode($sql_export)."\">", "<input type=hidden name=paramlist id=paramlist value=\"".base64_encode($paramlist)."\">", '',  '','', '', '', '', '',  '', '', '','', '', '','', '', '','')
);
echo json_encode($data);
?>