package main import ( "database/sql" "net/http" // "crypto/rand" // "crypto/rsa" // "crypto/x509" // "encoding/base64" // "encoding/pem" // "errors" // "os" "github.com/gin-contrib/cors" "github.com/gin-gonic/gin" _ "github.com/go-sql-driver/mysql" ) // DEV var connection string = "root:superuser@tcp(localhost:3306)/iips" var connectionPops string = "root:superuser@tcp(localhost:3306)/pops" // SERVER // var connection string = "iips:iipsuser@tcp(192.168.7.100:3306)/iips" // var connectionPops string = "pops:Pops2023!@tcp(192.168.76.10:3306)/pops" func main() { connect() } func connect() { db, err := sql.Open("mysql", connection) dbpop, err := sql.Open("mysql", connectionPops) if err != nil { panic(err) } defer db.Close() defer dbpop.Close() router := gin.Default() router.Use(cors.Default()) //DEV router.Use(cors.New(cors.Config{ AllowOrigins: []string{"http://localhost:5173"}, AllowMethods: []string{"GET", "POST"}, AllowHeaders: []string{"Origin", "OCBO-ShieldConnection"}, ExposeHeaders: []string{"Content-Length"}, AllowCredentials: true, })) //SERVER // router.Use(cors.New(cors.Config{ // AllowAllOrigins: true, // AllowMethods: []string{"GET", "POST"}, // AllowHeaders: []string{"Origin"}, // ExposeHeaders: []string{"Content-Length"}, // AllowCredentials: true, // })) router.StaticFile("/", "static/index.html") // shield := "inquiry" router.GET("/api/:method", func(c *gin.Context) { var result string method := c.Param("method") c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") c.Writer.Header().Set("Server", "OCBO Server") switch method { case "test": err = db.QueryRow("SELECT IFNULL(employeename, '') FROM employee WHERE uname = ?", "TEST").Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.String(http.StatusOK, "Connection is OK") case "check-connection": err = db.QueryRow("SELECT 1 AS result").Scan(&result) if err != nil { c.AbortWithError(http.StatusBadGateway, err) c.JSON(http.StatusBadGateway, gin.H{"result": false}) return } c.JSON(http.StatusOK, gin.H{"result": true}) case "get-listopapproval-electrical": var result2 string array := []string{} array2 := []string{} results, err := db.Query(`SELECT IFNULL(e.electricalno, '') AS result, IF(c.firstName IS NULL OR c.firstName = '', c.lastName, CONCAT(c.firstName, ' ', IF(c.middleInitial IS NULL OR c.middleInitial = '', '', CONCAT(c.middleInitial, '. ')), c.lastName) ) AS result2 FROM iips.electrical e JOIN iips.customer c ON e.customerid = c.customerid JOIN iips.ref_elec_occupancy ec ON e.ref_elec_occupancyid = ec.ref_elec_occupancyid JOIN iips.electricaldocflowtxn ed ON e.electricalid = ed.electricalid JOIN (SELECT electricalid, MAX(electricaldocflowtxnid) AS latest_electricaldocflowtxnid FROM electricaldocflowtxn GROUP BY electricalid) latest_doc ON ed.electricalid = latest_doc.electricalid AND ed.electricaldocflowtxnid = latest_doc.latest_electricaldocflowtxnid WHERE remarks = ? AND is_approve = 0 ORDER BY ed.txndate DESC`, "FOR ELECTRICAL ORDER OF PAYMENT APPROVAL") if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, }) case "get-listopprinting-electrical": var result2 string array := []string{} array2 := []string{} results, err := db.Query(`SELECT IFNULL(e.electricalno, '') AS result, IF(c.firstName IS NULL OR c.firstName = '', c.lastName, CONCAT(c.firstName, ' ', IF(c.middleInitial IS NULL OR c.middleInitial = '', '', CONCAT(c.middleInitial, '. ')), c.lastName) ) AS result2 FROM iips.electrical e JOIN iips.customer c ON e.customerid = c.customerid JOIN iips.ref_elec_occupancy ec ON e.ref_elec_occupancyid = ec.ref_elec_occupancyid JOIN iips.electricaldocflowtxn ed ON e.electricalid = ed.electricalid JOIN (SELECT electricalid, MAX(electricaldocflowtxnid) AS latest_electricaldocflowtxnid FROM electricaldocflowtxn GROUP BY electricalid) latest_doc ON ed.electricalid = latest_doc.electricalid AND ed.electricaldocflowtxnid = latest_doc.latest_electricaldocflowtxnid WHERE remarks = ? AND is_approve = 0 ORDER BY e.electricalno ASC`, "FOR ELECTRICAL ORDER OF PAYMENT PRINTING") if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, }) case "get-list-assessors": array := []string{} results, err := db.Query("SELECT IFNULL(employeename, '') AS result FROM employee WHERE is_assessment = ? AND is_delete = ? AND NOT (employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ?) AND employeeid NOT IN (?, ?, ?, ?, ?, ?, ?, ?, ?)", 1, 0, "%OFFICE%", "%TEST%", "%SAMPLE%", 55, 68, 120, 136, 103, 233, 235, 243, 310) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) } c.JSON(http.StatusOK, gin.H{ "result": array, }) case "get-list-approvers": var result2 string array := []string{} array2 := []string{} results, err := db.Query("SELECT IFNULL(employeeid, '') AS result, IFNULL(employeename, '') AS result2 FROM employee WHERE is_finalapprover = ? AND is_delete = ? AND NOT (employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ? OR employeename LIKE ?) AND employeeid NOT IN (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", 1, 0, "%OFFICE%", "%TEST%", "%SAMPLE%", "%BUILDING%", "%OCCUPANCY%", 124, 141, 178, 14, 77, 82, 83, 129, 137, 144, 169, 233, 247, 267, 282) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, }) case "get-list-registered": array := []string{} results, err := db.Query("SELECT IFNULL(employeeid, 0) AS result FROM esign WHERE employeeid <> ?", 276) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) } c.JSON(http.StatusOK, gin.H{ "result": array, }) } }) router.GET("/api/:method/:data", func(c *gin.Context) { var result string method := c.Param("method") data := c.Param("data") c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") switch method { case "check-building": err = db.QueryRow("SELECT IFNULL(COUNT(receivingid), 0) AS result FROM receiving WHERE applicationNo = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "check-occupancy": err = db.QueryRow("SELECT IFNULL(COUNT(occupancyid), 0) AS result FROM occupancy WHERE controlNo = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "check-signage": err = db.QueryRow("SELECT IFNULL(COUNT(signageid), 0) AS result FROM signage WHERE signApplicationNo = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "check-electrical": err = db.QueryRow("SELECT IFNULL(COUNT(electricalid), 0) AS result FROM electrical WHERE electricalNo = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "check-mechanical": err = db.QueryRow("SELECT IFNULL(COUNT(mechanicalid), 0) AS result FROM mechanical WHERE mechApplicationNo = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-owner-building": var result2, result3, result4, result5, result6 string err = db.QueryRow("SELECT IFNULL(c.firstName, '') AS result, IFNULL(c.middleInitial, '') AS result2, IFNULL(c.lastName, '') AS result3, IFNULL(rp.block, '') AS result4, IFNULL(rp.lot, '') AS result5, IFNULL(rp.address, '') AS result6 FROM customer c, receiving r, receiving_permitnoaddress rp WHERE r.customerid = c.customerid AND r.receivingid = rp.receivingid AND r.applicationNo = ?", data).Scan(&result, &result2, &result3, &result4, &result5, &result6) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, "result2": result2, "result3": result3, "result4": result4, "result5": result5, "result6": result6, }) case "get-owner-occupancy": var result2, result3, result4 string err = db.QueryRow("SELECT IFNULL(c.firstName, '') AS result, IFNULL(c.middleInitial, '') AS result2, IFNULL(c.lastName, '') AS result3, IFNULL(c.address, '') AS result4 FROM customer c, receiving r, occupancy o WHERE r.customerid = c.customerid AND r.applicationNo = o.bldgApplicationNo AND o.controlNo = ?", data).Scan(&result, &result2, &result3, &result4) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, "result2": result2, "result3": result3, "result4": result4, }) case "get-owner-electrical": var result2, result3, result4 string err = db.QueryRow("SELECT IFNULL(c.firstName, '') AS result, IFNULL(c.middleInitial, '') AS result2, IFNULL(c.lastName, '') AS result3, IFNULL(c.address, '') AS result4 FROM customer c, electrical e WHERE e.customerid = c.customerid AND e.electricalNo = ?", data).Scan(&result, &result2, &result3, &result4) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, "result2": result2, "result3": result3, "result4": result4, }) case "get-status-building": var result2 string array := []string{} array2 := []string{} results, err := db.Query(`SELECT IFNULL(DATE_FORMAT(b.datetransac, '%M %d, %Y'), '') AS result, IFNULL(REPLACE(REPLACE(b.remarks, 'RECEIVING', 'RECEIVED'), 'PERMIT ALREADY RELEASE', 'PERMIT RELEASED'), '') AS result2 FROM docflowtxn b, receiving r WHERE r.receivingid = b.receivingid AND r.applicationNo = ? ORDER BY b.docflowtxnid DESC`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, }) case "get-status-occupancy": var result2 string array := []string{} array2 := []string{} results, err := db.Query(`SELECT IFNULL(DATE_FORMAT(b.txndate, '%M %d, %Y'), '') AS result, IFNULL(REPLACE(b.remarks, 'RECEIVE', 'RECEIVED'), '') AS result2 FROM occupancydocflowtxn b, occupancy o WHERE o.occupancyid = b.occupancyreceivingid AND o.controlNo = ? ORDER BY b.occupancydocflowtxnid DESC`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, }) case "get-status-electrical": var result2 string array := []string{} array2 := []string{} results, err := db.Query(`SELECT IFNULL(DATE_FORMAT(b.txndate, '%M %d, %Y'), '') AS result, IFNULL(b.remarks, '') AS result2 FROM electricaldocflowtxn b, electrical e WHERE e.electricalid = b.electricalid AND e.electricalNo = ? ORDER BY b.electricaldocflowtxnid DESC`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, }) case "get-list-clients": var result2, result3, result4 string array := []string{} array2 := []string{} array3 := []string{} array4 := []string{} results, err := db.Query(`SELECT IFNULL(IF(firstName = '', lastName, CONCAT(firstName, ' ', IF(middleInitial = '', lastName, CONCAT(middleInitial, '. ', lastName)))), "") AS result, IFNULL(address, '') AS result2, IFNULL(lastName, "") AS result3, IFNULL(firstName, "") AS result4 FROM customer WHERE (lastName LIKE ? OR firstName LIKE ?)`, "%"+data+"%", "%"+data+"%") if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2, &result3, &result4) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) array3 = append(array3, result3) array4 = append(array4, result4) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, "result3": array3, "result4": array4, }) case "get-laststatus-building": err := db.QueryRow(`SELECT IFNULL(remarks, '') AS result FROM docflowtxn WHERE docflowtxnid = (SELECT MAX(docflowtxnid) FROM docflowtxn WHERE receivingid = ?)`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-laststatus-occupancy": err := db.QueryRow(`SELECT IFNULL(remarks, '') AS result FROM occupancydocflowtxn WHERE occupancydocflowtxnid = (SELECT MAX(occupancydocflowtxnid) FROM occupancydocflowtxn WHERE occupancyreceivingid = ?)`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-laststatus-electrical": err := db.QueryRow(`SELECT IFNULL(remarks, '') AS result FROM electricaldocflowtxn WHERE electricaldocflowtxnid = (SELECT MAX(electricaldocflowtxnid) FROM electricaldocflowtxn WHERE electricalid = ?)`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-applicationbyid-building": err := db.QueryRow(`SELECT IFNULL(applicationNo, '') AS result FROM receiving WHERE receivingid = ?`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-applicationbyid-occupancy": err := db.QueryRow(`SELECT IFNULL(controlNo, '') AS result FROM occupancy WHERE occupancyid = ?`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-applicationbyid-electrical": err := db.QueryRow(`SELECT IFNULL(electricalNo, '') AS result FROM electrical WHERE electricalid = ?`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-idbyapplication-electrical": err := db.QueryRow(`SELECT IFNULL(electricalid, '') AS result FROM electrical WHERE electricalNo = ?`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-employeeid": err := db.QueryRow("SELECT IFNULL(employeeid, 0) AS result FROM employee WHERE employeename = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "check-registered": err := db.QueryRow("SELECT IFNULL(esignid, 0) AS result FROM esign WHERE employeeid = ?", data).Scan(&result) if err != nil { if err == sql.ErrNoRows { result = "0" } else { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-password": err := db.QueryRow("SELECT IFNULL(password, '') AS result FROM esign WHERE employeeid = ?", data).Scan(&result) if err != nil { if err == sql.ErrNoRows { result = "0" } else { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-employeename": err := db.QueryRow("SELECT IFNULL(employeename, '') AS result FROM employee WHERE employeeid = ?", data).Scan(&result) if err != nil { if err == sql.ErrNoRows { result = "0" } else { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-opdetails-electrical": var result2, result3, result4, result5, result6, result7, result8, result9, result10, result11, result12 string array := []string{} array2 := []string{} array3 := []string{} array4 := []string{} array5 := []string{} array6 := []string{} array7 := []string{} array8 := []string{} array9 := []string{} array10 := []string{} array11 := []string{} array12 := []string{} results, err := db.Query(`SELECT IFNULL(e.electricalNo, '') AS result, IFNULL(c.firstName, '') AS result2, IFNULL(c.middleInitial, '') AS result3, IFNULL(c.lastName, '') AS result4, IFNULL(e.locationofinstallation, '') AS result5, IFNULL(re.type, '') AS result6, IFNULL(em.employeename, '') AS result7, IFNULL(rb.accountdescription, '') AS result8, IFNULL(o.amount, '') AS result9, IFNULL(o.opDate, '') AS result10, IFNULL(e.electricalid, 0) AS result11, IFNULL(o.assessedbyid, 0) AS result12 FROM electrical e, customer c, electrical_orderofpayment_new o, ref_electrical_type re, ref_bldgcomputationsheet rb, employee em WHERE e.customerid = c.customerid AND e.electricalid = o.electricalid AND e.ref_electrical_typeid = re.ref_electrical_typeid AND o.ref_bldgcomputationsheetid = rb.ref_bldgcomputationsheetid AND o.assessedbyid = em.employeeid AND e.electricalNo = ?`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2, &result3, &result4, &result5, &result6, &result7, &result8, &result9, &result10, &result11, &result12) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) array3 = append(array3, result3) array4 = append(array4, result4) array5 = append(array5, result5) array6 = append(array6, result6) array7 = append(array7, result7) array8 = append(array8, result8) array9 = append(array9, result9) array10 = append(array10, result10) array11 = append(array11, result11) array12 = append(array12, result12) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, "result3": array3, "result4": array4, "result5": array5, "result6": array6, "result7": array7, "result8": array8, "result9": array9, "result10": array10, "result11": array11, "result12": array12, }) case "get-paymentname": err := db.QueryRow("SELECT IFNULL(accountdescription, '') AS result FROM ref_bldgcomputationsheet WHERE ref_bldgcomputationsheetid = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-printdetails-electrical": var result2, result3, result4, result5, result6, result7, result8 string err := db.QueryRow(`SELECT DISTINCT IFNULL(el.electricalNo, '') AS result, IFNULL(op.opDate, '') AS result2, IFNULL(el.locationofinstallation, '') AS result3, IFNULL(occ.occupancy, '') AS result4, IFNULL(u.occupancyoruse, '') AS result5, IFNULL(el.noofUnits, '') AS result6, IFNULL(e.employeename, '') AS result7, IF(cu.firstName IS NULL OR cu.firstName = '', cu.lastName, CONCAT(cu.firstName, ' ', IF(cu.middleInitial IS NULL OR cu.middleInitial = '', '', CONCAT(cu.middleInitial, '. ')), cu.lastName) ) AS result8 FROM electrical el, electrical_orderofpayment_new op, ref_occupancy occ, ref_elec_occupancy u, customer cu, employee e WHERE el.customerid = cu.customerid AND el.ref_elec_occupancyid = u.ref_elec_occupancyid AND u.ref_occupancyid = occ.ref_occupancyid AND op.assessedbyid = e.employeeid AND el.electricalid = op.electricalid AND op.is_approve = 1 AND op.for_approval = 1 AND op.is_release = 0 AND is_paid = 0 AND popstransmitted = 0 AND el.electricalid = ?`, data).Scan(&result, &result2, &result3, &result4, &result5, &result6, &result7, &result8) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, "result2": result2, "result3": result3, "result4": result4, "result5": result5, "result6": result6, "result7": result7, "result8": result8, }) case "get-printdetailsfees-electrical": var result2, result3 string array := []string{} array2 := []string{} array3 := []string{} results, err := db.Query(`SELECT IFNULL(ref.accountdescription, '') AS result, IFNULL(ref.accountcode, '') AS result2, IFNULL(op.amount, '') AS result3 FROM electrical_orderofpayment_new op, ref_bldgcomputationsheet ref, electrical el WHERE op.is_approve = 1 AND op.for_approval = 1 AND op.is_release = 0 AND op.is_paid = 0 AND op.popstransmitted = 0 AND op.is_delete <> 1 AND op.ref_bldgcomputationsheetid = ref.ref_bldgcomputationsheetid AND el.electricalid = op.electricalid AND op.electricalid = ?`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2, &result3) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) array3 = append(array3, result3) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, "result3": array3, }) case "get-signatureimage": err := db.QueryRow("SELECT IFNULL(image, '') AS result FROM esign WHERE employeeid = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-esignid": err := db.QueryRow("SELECT IFNULL(esignid, 0) AS result FROM esign WHERE employeeid = ?", data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-signeddateassessed-electrical": err := db.QueryRow(`SELECT IFNULL(txndate, '') AS result FROM electricaldocflowtxn WHERE electricalid = ? AND remarks = "FOR ELECTRICAL ORDER OF PAYMENT APPROVAL"`, data).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-popsdetails-electrical": var result2, result3, result4, result5, result6, result7, result8, result9, result10 string array := []string{} array2 := []string{} array3 := []string{} array4 := []string{} array5 := []string{} array6 := []string{} array7 := []string{} array8 := []string{} array9 := []string{} array10 := []string{} results, err := db.Query(`SELECT IFNULL(e.electricalNo, '') AS result, IFNULL(c.customerid, 0) AS result2, IFNULL(IF(c.firstName IS NULL OR c.firstName = '', c.lastName, CONCAT(c.firstName, ' ', IF(c.middleInitial IS NULL OR c.middleInitial = '', '', CONCAT(c.middleInitial, '. ')), c.lastName)), '') AS result3, IFNULL(e.locationofinstallation, '') AS result4, IFNULL(op.amount, '') AS result5, IFNULL(op.amt_Gflgu, '') AS result6, IFNULL(op.amt_Gfdpwh, '') AS result7, IFNULL(op.amt_Tfbo, '') AS result8, IFNULL(ref.accountdescription, '') AS result9, IFNULL(ref.accountcode, '') AS result10 FROM electrical e JOIN customer c ON e.customerid = c.customerid JOIN electrical_orderofpayment_new op ON e.electricalid = op.electricalid JOIN ref_bldgcomputationsheet ref ON op.ref_bldgcomputationsheetid = ref.ref_bldgcomputationsheetid WHERE e.electricalid = ?`, data) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } for results.Next() { err = results.Scan(&result, &result2, &result3, &result4, &result5, &result6, &result7, &result8, &result9, &result10) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } array = append(array, result) array2 = append(array2, result2) array3 = append(array3, result3) array4 = append(array4, result4) array5 = append(array5, result5) array6 = append(array6, result6) array7 = append(array7, result7) array8 = append(array8, result8) array9 = append(array9, result9) array10 = append(array10, result10) } c.JSON(http.StatusOK, gin.H{ "result": array, "result2": array2, "result3": array3, "result4": array4, "result5": array5, "result6": array6, "result7": array7, "result8": array8, "result9": array9, "result10": array10, }) } }) router.GET("/api/:method/:data/:data2", func(c *gin.Context) { var result string method := c.Param("method") data := c.Param("data") data2 := c.Param("data2") c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") switch method { case "check-access": err = db.QueryRow("SELECT COUNT(accessid) AS result FROM access a JOIN ref_access ra ON a.ref_accessid = ra.ref_accessid AND ra.access = ? and employeeid = ?", data, data2).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) case "get-signeddate": err := db.QueryRow("SELECT IFNULL(date_signed, '') AS result FROM esign_transactions WHERE esignid = ? AND referenceNo = ?", data, data2).Scan(&result) if err != nil { c.AbortWithError(http.StatusBadRequest, err) c.String(http.StatusBadRequest, err.Error()) return } c.JSON(http.StatusOK, gin.H{ "result": result, }) } }) router.POST("/api/post-registration", func(c *gin.Context) { type RegistrationData struct { Data int `json:"data"` Data2 string `json:"data2"` Data3 string `json:"data3"` Data4 string `json:"data4"` } var registrationData RegistrationData if err := c.ShouldBindJSON(®istrationData); err != nil { c.String(http.StatusBadRequest, "Invalid request body") return } c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") dbpost, err := db.Prepare("INSERT INTO esign (esignid, employeeid, password, signature, image) VALUES (NULL, ?, ?, ?, ?)") if err != nil { panic(err.Error()) } defer dbpost.Close() exec, err := dbpost.Exec(registrationData.Data, registrationData.Data2, registrationData.Data3, registrationData.Data4) if err != nil { panic(err.Error()) } affect, err := exec.RowsAffected() if err != nil { panic(err.Error()) } if affect > 0 { c.String(http.StatusOK, "Success on Registrating e-Sign") } else { c.String(http.StatusInternalServerError, "Failed on Registrating e-Sign") } }) router.POST("/api/post-newstatus-electrical", func(c *gin.Context) { type NewstatusData struct { Data int `json:"data"` Data2 string `json:"data2"` Data3 string `json:"data3"` Data4 string `json:"data4"` Data5 string `json:"data5"` Data6 int `json:"data6"` Data7 int `json:"data7"` } var newstatusData NewstatusData if err := c.ShouldBindJSON(&newstatusData); err != nil { c.String(http.StatusBadRequest, "Invalid request body") return } c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") dbpost, err := db.Prepare(`INSERT INTO electricaldocflowtxn (electricaldocflowtxnid, electricalid, txndate, remarks, comments, is_tag, tagword, is_approve, employeeid, is_delete) VALUES (NULL, ?, ?, ?, NULL, ?, ?, ?, ?, 0)`) if err != nil { panic(err.Error()) } defer dbpost.Close() exec, err := dbpost.Exec(newstatusData.Data, newstatusData.Data2, newstatusData.Data3, newstatusData.Data4, newstatusData.Data5, newstatusData.Data6, newstatusData.Data7) if err != nil { panic(err.Error()) } affect, err := exec.RowsAffected() if err != nil { panic(err.Error()) } if affect > 0 { c.String(http.StatusOK, "Success on Setting New Status") } else { c.String(http.StatusInternalServerError, "Failed on Setting New Status") } }) router.POST("/api/update-docflow-electrical", func(c *gin.Context) { type UpdateDocflowData struct { Data int `json:"data"` Data2 string `json:"data2"` } var updateDocflowData UpdateDocflowData if err := c.ShouldBindJSON(&updateDocflowData); err != nil { c.String(http.StatusBadRequest, "Invalid request body") return } c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") dbpost, err := db.Prepare("UPDATE electricaldocflowtxn SET is_approve = 1 WHERE electricalid = ? AND remarks = ?") if err != nil { panic(err.Error()) } defer dbpost.Close() exec, err := dbpost.Exec(updateDocflowData.Data, updateDocflowData.Data2) if err != nil { panic(err.Error()) } affect, err := exec.RowsAffected() if err != nil { panic(err.Error()) } if affect > 0 { c.String(http.StatusOK, "Success on Updating Docflow on Electrical") } else { c.String(http.StatusInternalServerError, "Failed on Updating Docflow on Electrical") } }) router.POST("/api/update-opprinted-electrical", func(c *gin.Context) { type UpdateOpData struct { Data int `json:"data"` } var updateOpData UpdateOpData if err := c.ShouldBindJSON(&updateOpData); err != nil { c.String(http.StatusBadRequest, "Invalid request body") return } c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") dbpost, err := db.Prepare("UPDATE electrical_orderofpayment_new SET popstransmitted = 1, is_release = 1 WHERE electricalid = ? AND for_approval = 1 AND is_paid = 0 AND is_approve = 1") if err != nil { panic(err.Error()) } defer dbpost.Close() exec, err := dbpost.Exec(updateOpData.Data) if err != nil { panic(err.Error()) } affect, err := exec.RowsAffected() if err != nil { panic(err.Error()) } if affect > 0 { c.String(http.StatusOK, "Success on Updating Order of Payment for Printing") } else { c.String(http.StatusInternalServerError, "Failed on Updating Order of Payment for Printing") } }) router.POST("/api/post-esigntransaction", func(c *gin.Context) { type UpdateOpData struct { Data int `json:"data"` Data2 string `json:"data2"` Data3 string `json:"data3"` } var updateOpData UpdateOpData if err := c.ShouldBindJSON(&updateOpData); err != nil { c.String(http.StatusBadRequest, "Invalid request body") return } c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") dbpost, err := db.Prepare("INSERT INTO esign_transactions (esign_transactionsid, esignid, referenceNo, date_signed) VALUES (NULL, ?, ?, ?)") if err != nil { panic(err.Error()) } defer dbpost.Close() exec, err := dbpost.Exec(updateOpData.Data, updateOpData.Data2, updateOpData.Data3) if err != nil { panic(err.Error()) } affect, err := exec.RowsAffected() if err != nil { panic(err.Error()) } if affect > 0 { c.String(http.StatusOK, "Success on Saving eSign transaction") } else { c.String(http.StatusInternalServerError, "Failed on Saving eSign transaction") } }) router.POST("/api/post-pops", func(c *gin.Context) { type PostPopData struct { Data string `json:"data"` //applicationNo Data2 string `json:"data2"` //date Data3 string `json:"data3"` //customerId Data4 string `json:"data4"` //customerName Data5 string `json:"data5"` //customerAddress Data6 string `json:"data6"` //accountCode Data7 string `json:"data7"` //amount Data8 string `json:"data8"` //approverName Data9 string `json:"data9"` //dateAndTime Data10 string `json:"data10"` //gflgu Data11 string `json:"data11"` //gfdpwh Data12 string `json:"data12"` //tfobo Data13 string `json:"data13"` //publicIp } var postPopDate PostPopData if err := c.ShouldBindJSON(&postPopDate); err != nil { c.String(http.StatusBadRequest, "Invalid request body") return } c.Writer.Header().Set("X-XSS-Protection", "1; mode=block") c.Writer.Header().Set("X-Content-Type-Options", "nosniff") c.Writer.Header().Set("X-DNS-Prefetch-Control", "off") c.Writer.Header().Set("X-Frame-Options", "DENY") c.Writer.Header().Set("X-Download-Options", "noopen") c.Writer.Header().Set("Referrer-Policy", "no-referrer") dbpost, err := dbpop.Prepare(`INSERT INTO orderpaydetail (OrderPayId, OPRefId, OPSysId, OPDate, AcctRefId, AcctFullName, AcctAddress, AccountCode, AmountBasic, OPPostedBy, OPPostDate, OfficeCode, Amt_GFLGU, Amt_GFDPWH, Amt_TFBO, TranRefId) VALUES (NULL, ?, 'IIPS', ?, ?, ?, ?, ?, ?, ?, ?, 8751, ?, ?, ?, ?)`) if err != nil { panic(err.Error()) } defer dbpost.Close() exec, err := dbpost.Exec(postPopDate.Data, postPopDate.Data2, postPopDate.Data3, postPopDate.Data4, postPopDate.Data5, postPopDate.Data6, postPopDate.Data7, postPopDate.Data8, postPopDate.Data9, postPopDate.Data10, postPopDate.Data11, postPopDate.Data12, postPopDate.Data13) if err != nil { panic(err.Error()) } affect, err := exec.RowsAffected() if err != nil { panic(err.Error()) } if affect > 0 { c.String(http.StatusOK, "Success on Posting on POPS eSign transaction") } else { c.String(http.StatusInternalServerError, "Failed on Posting on POPS") } }) router.Run(":4320") }