<?php
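	/**
	 * JSON endpoint: list the personnel of one unit, restricted to the
	 * users the current requester is permitted to view.
	 *
	 * Only GET is handled; any other request method raises
	 * WPNZCFCNExceptionUnknownRequestMethod. The unit is taken from
	 * $_GET['unit_id'] and cast to int; a missing or non-scalar value
	 * becomes 0, for which the reader returns no rows.
	 *
	 * Access control is applied per row, after the read: every row whose
	 * user_id fails wpnzcfcn_permission_check() is dropped before output.
	 * No other authorisation check is visible in this function.
	 *
	 * Output is written with wp_die(), so this function does not return.
	 */
	function wpnzcfcn_json_callback_unit_personnel() {
		// The database-error handler below reads $wpdb; without this
		// declaration it is undefined in function scope.
		global $wpdb;

		try {
			$response = array();

			switch( $_SERVER['REQUEST_METHOD'] ) {
				// Pull back values based on request
				case 'GET':
					// Reject array-style parameters (?unit_id[]=...), which an
					// (int) cast would otherwise turn into unit 1.
					$__SAFE_unit_id = ( isset( $_GET['unit_id'] ) && is_scalar( $_GET['unit_id'] ) )
						? (int) $_GET['unit_id']
						: 0;

					// Make sure we're allowed to see all the returned data.
					// array_filter() preserves keys, so re-index afterwards:
					// otherwise json_encode() emits an object instead of a list
					// as soon as any row has been removed.
					$response = array_values(
						array_filter(
							wpnzcfcn_json_callback_unit_personnel_read(
								0,
								$__SAFE_unit_id
							),
							function( $row ) {
								// Keep the row only if the requester may view this user.
								return (bool) wpnzcfcn_permission_check(
									WPNZCFCN_CAPABILITY_LEVEL_VIEW | WPNZCFCN_CAPABILITY_PERSONNEL,
									$row->user_id
								);
							}
						)
					);
					break;

				default:
					throw new WPNZCFCNExceptionUnknownRequestMethod();
			}

			wp_die( json_encode( $response ) );
		} catch( WPNZCFCNExceptionInsufficientPermissions $e ) {
			header( WPNZCFCN_ERROR_CODE_UNAUTHORISED );
			echo $e->toString();
			wp_die();
		} catch( WPNZCFCNExceptionBadData $e ) {
			header( WPNZCFCN_ERROR_CODE_USER_DATA );
			echo $e->toString();
			// Dumping the exception object exposes its stack trace and call
			// arguments to the client, so only do it when debugging.
			if( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
				var_dump($e);
			}
			wp_die();
		} catch( WPNZCFCNExceptionDBError $e ) {
			header( WPNZCFCN_ERROR_CODE_DATABASE );
			// NOTE(review): the reader puts the full SQL text into this
			// exception's message; confirm toString() does not return it to
			// unauthenticated clients.
			echo $e->toString();
			if( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
				echo "<pre>";
				var_dump( $wpdb->print_error() );
				echo "</pre>";
			}
			wp_die();
		} catch( Exception $e ) {
			header( WPNZCFCN_ERROR_CODE_UNKNOWN );
			// A plain Exception has no toString() method; calling it would be a
			// fatal error inside the error handler, so fall back to the message.
			echo method_exists( $e, 'toString' ) ? $e->toString() : $e->getMessage();
			wp_die();
		}
	}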

	// TODO - CSV list? How to check the >0 in WHERE at that point?
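	/**
	 * Read the service-history rows (with rank, role, user and usermeta
	 * details) that are current at a given moment, for one unit and/or
	 * one user.
	 *
	 * No permission check is visible in this function; callers are
	 * responsible for filtering the rows before exposing them. The rows
	 * include e-mail addresses, contact information and a flag derived
	 * from medical data.
	 *
	 * @param int             $user_id Restrict to this user; 0 means any user.
	 * @param int             $unit_id Restrict to this unit (service_history.relates_to); 0 means any unit.
	 * @param int|string|null $when    Moment to evaluate at: null/empty for now, an int Unix
	 *                                 timestamp, or a string strtotime() can parse.
	 * @return array Row objects; an empty array when both ids are 0.
	 * @throws WPNZCFCNExceptionBadData When $when cannot be interpreted as a date.
	 * @throws WPNZCFCNExceptionDBError When the query fails.
	 */
	function wpnzcfcn_json_callback_unit_personnel_read( $user_id, $unit_id, $when=null ) {
		global $wpdb;
		$response=array();

		$__SAFE_user_id = (int)$user_id;
		$__SAFE_unit_id = (int)$unit_id;

		// $when is handed to SQL-building helpers that are not part of this
		// file section and is concatenated into the statement outside of
		// prepare()'s placeholders. Only a value re-rendered by date('c') is
		// allowed through; an unparseable value is rejected instead of being
		// passed along unchanged.
		if( is_null( $when ) || ( is_scalar( $when ) && !trim( (string) $when ) ) ) {
			$when = date('c');
		} elseif( is_int( $when ) ) {
			$when = date('c', $when);
		} elseif( is_string( $when ) && strtotime( $when ) ) {
			$when = date('c', strtotime( $when ));
		} else {
			throw new WPNZCFCNExceptionBadData( 'Invalid date supplied' );
		}

		// With neither id given there is nothing to select; the query is skipped.
		if( $__SAFE_unit_id || $__SAFE_user_id ) {
			$sql = $wpdb->prepare(
				"
					SELECT
						".$wpdb->prefix."wpnzcfcn_security_clearance.date_expired,
						".$wpdb->prefix."wpnzcfcn_service_history.service_history_id,
						".$wpdb->prefix."wpnzcfcn_service_history.user_id,
						".$wpdb->prefix."wpnzcfcn_service_history.start_date,
						".$wpdb->prefix."wpnzcfcn_service_history.end_date,
						( CASE
							WHEN ISNULL(".$wpdb->prefix."wpnzcfcn_service_history.`grouping`)
							THEN ''
							WHEN LENGTH(TRIM(".$wpdb->prefix."wpnzcfcn_service_history.`grouping`)) = 0
							THEN ''
							ELSE ".$wpdb->prefix."wpnzcfcn_service_history.`grouping`
						END ) AS `grouping`,
						".$wpdb->prefix."wpnzcfcn_role.role_id,
						".$wpdb->prefix."wpnzcfcn_role.role_sort,
						".$wpdb->prefix."wpnzcfcn_role.role_short,
						".$wpdb->prefix."wpnzcfcn_role.role_long,
						".$wpdb->prefix."wpnzcfcn_promotion.promotion_id,
						".$wpdb->prefix."wpnzcfcn_promotion.rank_id,
						".$wpdb->prefix."wpnzcfcn_promotion.start_date AS promotion_date,
						".$wpdb->prefix."wpnzcfcn_rank.rank_sort,
						".$wpdb->prefix."wpnzcfcn_rank.rank_eqv,
						".$wpdb->prefix."wpnzcfcn_rank.rank_short,
						".$wpdb->prefix."wpnzcfcn_rank.rank_long,
						".$wpdb->prefix."wpnzcfcn_rank.rank_applies_to,
						".$wpdb->prefix."users.display_name,
						".$wpdb->prefix."users.user_login,
						".$wpdb->prefix."users.user_email,
						MAX( CASE WHEN ".$wpdb->prefix."usermeta.meta_key = 'first_name'     THEN ".$wpdb->prefix."usermeta.meta_value ELSE NULL END ) AS first_name,
						MAX( CASE WHEN ".$wpdb->prefix."usermeta.meta_key = 'last_name'      THEN ".$wpdb->prefix."usermeta.meta_value ELSE NULL END ) AS last_name,
						MAX( CASE WHEN ".$wpdb->prefix."usermeta.meta_key = 'preferred_name' THEN ".$wpdb->prefix."usermeta.meta_value ELSE NULL END ) AS preferred_name,
						MAX( CASE WHEN ".$wpdb->prefix."usermeta.meta_key = 'wpnzcfcn_contactinfo' THEN ".$wpdb->prefix."usermeta.meta_value ELSE NULL END ) AS wpnzcfcn_contactinfo
					FROM
						".$wpdb->prefix."wpnzcfcn_service_history
						INNER JOIN ".$wpdb->prefix."wpnzcfcn_promotion
							ON ".$wpdb->prefix."wpnzcfcn_service_history.user_id = ".$wpdb->prefix."wpnzcfcn_promotion.user_id
							AND ".wpnzcfcn_sql_field_not_expired_before( $wpdb->prefix."wpnzcfcn_promotion.end_date", $when )."
						INNER JOIN ".$wpdb->prefix."wpnzcfcn_rank
							ON ".$wpdb->prefix."wpnzcfcn_promotion.rank_id = ".$wpdb->prefix."wpnzcfcn_rank.rank_id
							/* AND ".$wpdb->prefix."wpnzcfcn_rank.rank_status > 0 -- TODO - Do we care if the rank has expired? Does it still count? */
						INNER JOIN ".$wpdb->prefix."users
							ON ".$wpdb->prefix."wpnzcfcn_service_history.user_id = ".$wpdb->prefix."users.ID
						INNER JOIN ".$wpdb->prefix."wpnzcfcn_role
							ON ".$wpdb->prefix."wpnzcfcn_service_history.role_id = ".$wpdb->prefix."wpnzcfcn_role.role_id
						INNER JOIN ".$wpdb->prefix."usermeta
							ON ".$wpdb->prefix."wpnzcfcn_service_history.user_id = ".$wpdb->prefix."usermeta.user_id
						LEFT JOIN ".$wpdb->prefix."wpnzcfcn_security_clearance
							ON ".$wpdb->prefix."wpnzcfcn_service_history.user_id = ".$wpdb->prefix."wpnzcfcn_security_clearance.user_id
					WHERE
						".wpnzcfcn_sql_is_time_between_date_fields(
							$wpdb->prefix."wpnzcfcn_service_history.start_date",
							$wpdb->prefix."wpnzcfcn_service_history.end_date",
							$when
						)."
						AND (
							".$wpdb->prefix."wpnzcfcn_service_history.relates_to = %d
							OR 0 = %d
						)
						AND (
							".$wpdb->prefix."wpnzcfcn_service_history.user_id = %d
							OR 0 = %d
						)
						AND ".$wpdb->prefix."wpnzcfcn_role.role_status > 0
						AND ".$wpdb->prefix."wpnzcfcn_rank.rank_status > 0

					GROUP BY
						".$wpdb->prefix."usermeta.user_id
					ORDER BY
						role_sort ASC,
						rank_sort ASC,
						last_name ASC,
						first_name ASC,
						start_date ASC,
						end_date ASC;
				",
				// Each id is bound twice: once for the comparison and once for
				// the "0 means no filter" escape in the same parenthesis.
				$__SAFE_unit_id,
				$__SAFE_unit_id,
				$__SAFE_user_id,
				$__SAFE_user_id
			);
			$response = $wpdb->get_results( $sql );
			if ( is_wp_error( $response )  ) {
				throw new WPNZCFCNExceptionDBError( $response->get_error_message() );
			} elseif ( $response === false || !is_array( $response ) || $wpdb->last_error ) {
				// get_results() does not report a failed query through its
				// return value alone, so $wpdb->last_error is checked as well.
				// NOTE(review): this message carries the full SQL text; make
				// sure it is not echoed to untrusted clients.
				throw new WPNZCFCNExceptionDBError( $wpdb->last_query."\n".$wpdb->last_error );
			}


			// Rows are objects, so they can be updated in place without
			// iterating by reference (which would leave $row dangling).
			foreach( $response as $row ) {
//				wpnzcfcn_json_callback_user_function_read_additional_user_data( $row );
				if( $row->end_date == '0000-00-00' ) {
					$row->end_date = null;
				}
				if( $row->grouping == null ) {
					$row->grouping = '';
				}

				// The medical record is stored as HTML-entity-encoded JSON. A
				// user without a record yields null here and is not approved.
				$medical_rows = wpnzcfcn_json_callback_profile_doctor_medical_read_by_user_id( $row->user_id );
				$medical = null;
				if( isset( $medical_rows[0]->wpnzcfcn_doctormedical ) ) {
					$medical = json_decode( htmlspecialchars_decode( $medical_rows[0]->wpnzcfcn_doctormedical, ENT_QUOTES ) );
				}

				// Approved only when both doses are recorded, each dated after
				// 2020-11-01 and not in the future, and the second is later
				// than the first.
				$covid_approved = false;
				if(
					is_object( $medical )
					&& property_exists( $medical, 'immunisations_covid19_first' )
					&& ! is_null( $medical->immunisations_covid19_first )
					&& strtotime( $medical->immunisations_covid19_first )
					&& strtotime( wpnzcfcn_db_to_local( $medical->immunisations_covid19_first ) ) > strtotime( '2020-11-01' )
					&& strtotime( wpnzcfcn_db_to_local( $medical->immunisations_covid19_first ) ) < time()
					&& property_exists($medical, 'immunisations_covid19_second')
					&& ! is_null( $medical->immunisations_covid19_second )
					&& strtotime( $medical->immunisations_covid19_second )
					&& strtotime( wpnzcfcn_db_to_local( $medical->immunisations_covid19_second ) ) > strtotime( '2020-11-01' )
					// The second dose must not be future-dated either (this
					// line previously re-tested the first dose).
					&& strtotime( wpnzcfcn_db_to_local( $medical->immunisations_covid19_second ) ) < time()
					&& strtotime( wpnzcfcn_db_to_local( $medical->immunisations_covid19_second ) ) > strtotime( wpnzcfcn_db_to_local( $medical->immunisations_covid19_first ) )
					// && count( wpnzcfcn_medical_document_attachment( $row->user_id ) )
				) {
					$covid_approved = true;
				}
				$row->covid_approved = $covid_approved;

				// add care and protection completion date
				$skills = wpnzcfcn_json_callback_training_skills_function_get( $row->user_id );
				if (!empty($skills->cpc_com_cdt)) {
					$row->care_and_protection = $skills->cpc_com_cdt;
				}
				else {
					$row->care_and_protection = '';
				}

				$row->date_expired = $row->date_expired ? $row->date_expired : '';
				// Contact info is stored as JSON in usermeta; an empty value decodes to null.
				$row->wpnzcfcn_contactinfo = json_decode( ( empty( $row->wpnzcfcn_contactinfo ) ? '' : $row->wpnzcfcn_contactinfo ) );
			}
		}

		wpnzcfcn_json_callback_user_function_read_additional_user_data( $response );
		return $response;
	}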