<?php 
require_once('funcoes.php');
$db = conectar();

if (isset($_REQUEST['query'])) {
	$query = anti_injection($_REQUEST['query']);
	$query = preg_replace('/[^\p{L}\p{N}]/', '', $query );
	
	if(isset($_REQUEST['local'])){
		//$sql = mysqli_query ($db,"SELECT ControlCode FROM produtos WHERE LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(ControlCode, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '%{$query}%' GROUP BY ControlCode LIMIT 10");
		$sql = mysqli_query ($db,"SELECT local FROM local WHERE LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(local, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '%{$query}%' and id_produtos < 80000000 GROUP BY local order by local LIMIT 10");
		$array = array();
		while ($row = mysqli_fetch_assoc($sql)) 
			$array[] = $row['local'];
		
	}
	else if(isset($_REQUEST['trace'])){
		$sql = mysqli_query ($db,"SELECT traceAbility FROM local WHERE LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(traceAbility, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '%{$query}%' and id_produtos < 80000000 GROUP BY traceAbility order by traceAbility LIMIT 10");
		$array = array();
		while ($row = mysqli_fetch_assoc($sql)) 
			$array[] = $row['traceAbility'];
		
	}
	else{ 
		$sql = mysqli_query ($db,"SELECT id_produtos, PartNumber, AltPartNumber, Description FROM produtos WHERE  
		
		LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(PartNumber, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '%{$query}%' or
		LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(AltPartNumber, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '%{$query}%' or
		LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(Description, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '%{$query}%'
		
		ORDER BY 
																	CASE
																		WHEN PartNumber LIKE '".$_REQUEST['query']."%' THEN 1 
																		WHEN LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(PartNumber, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '{$query}%' THEN 2 
																		WHEN AltPartNumber LIKE '".$_REQUEST['query']."%' THEN 3
																		WHEN LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(AltPartNumber, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '{$query}%' THEN 4
																		WHEN Description LIKE '".$_REQUEST['query']."%' THEN 5
																		WHEN LOWER( replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(replace(Description, '|',''), '\'',''), ';',''), ':',''), '~',''), '^',''), ']',''), '[',''), '}',''), '{',''), '=',''), '_',''), ')',''), '(',''), '&',''), '¨',''), '%',''), '$',''), '#',''), '@',''), '?',''), '!',''), \"'\",''), '\"',''), ',',''), '.',''), '+',''), '*',''), '/',''), '-','') ) LIKE '{$query}%' THEN 6
																		ELSE 7
																	END,  
																	PartNumber, AltPartNumber, Description
																	
																	limit 10");
		
		
			
		$array = array();
		while ($row = mysqli_fetch_assoc($sql)) {
			if($row['AltPartNumber'] != '')
				$array[] = '<a href="produto.php?id='.$row['id_produtos'].'" style="display:flex; width:100%; font-size:12px; line-height:20px; text-shadow:none;">'.$row['PartNumber'].' - '.$row['AltPartNumber'].' - '.$row['Description'].'</a>';
			else
				$array[] = '<a href="produto.php?id='.$row['id_produtos'].'" style="display:flex; width:100%; font-size:12px; line-height:20px; text-shadow:none;">'.$row['PartNumber'].' - '.$row['Description'].'</a>';
		}
	}
	echo json_encode ($array);
}
?>