mirror of
https://github.com/itflow-org/itflow
synced 2026-04-18 02:25:40 +00:00
API: Invoice_items only return if item_id or invoice_id is specified and do not return all invoice items
@@ -1,5 +1,4 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* API - Invoice Items - Read
|
||||
* GET /api/v1/invoice_items/read.php
|
||||
@@ -8,8 +7,9 @@
|
||||
*
|
||||
* Parameters (GET):
|
||||
* api_key required - Your API key
|
||||
* invoice_id optional - Return items for a single invoice
|
||||
* item_id optional - Return a single line item by its own ID
|
||||
* invoice_id required* - Return items for a single invoice
|
||||
* item_id required* - Return a single line item by its own ID
|
||||
* * One of invoice_id or item_id must be provided
|
||||
* limit optional - Max rows to return (default 50)
|
||||
* offset optional - Offset for pagination (default 0)
|
||||
*
|
||||
@@ -22,16 +22,12 @@
|
||||
* which causes the LIKE to match every client — consistent with other
|
||||
* endpoints in this API.
|
||||
*/
|
||||
|
||||
require_once '../validate_api_key.php';
|
||||
|
||||
require_once '../require_get_method.php';
|
||||
|
||||
|
||||
if (isset($_GET['item_id'])) {
|
||||
// Single line item by item_id — still JOIN to invoices to enforce client scope
|
||||
$item_id = intval($_GET['item_id']);
|
||||
|
||||
$sql = mysqli_query($mysqli,
|
||||
"SELECT ii.*
|
||||
FROM invoice_items ii
|
||||
@@ -40,11 +36,9 @@ if (isset($_GET['item_id'])) {
|
||||
AND i.invoice_client_id LIKE '$client_id'
|
||||
LIMIT 1"
|
||||
);
|
||||
|
||||
} elseif (isset($_GET['invoice_id'])) {
|
||||
// All items on a specific invoice
|
||||
$invoice_id = intval($_GET['invoice_id']);
|
||||
|
||||
$sql = mysqli_query($mysqli,
|
||||
"SELECT ii.*
|
||||
FROM invoice_items ii
|
||||
@@ -54,17 +48,16 @@ if (isset($_GET['item_id'])) {
|
||||
ORDER BY ii.item_order ASC, ii.item_id ASC
|
||||
LIMIT $limit OFFSET $offset"
|
||||
);
|
||||
|
||||
} else {
|
||||
// All items across all invoices in scope (paginated)
|
||||
$sql = mysqli_query($mysqli,
|
||||
"SELECT ii.*
|
||||
FROM invoice_items ii
|
||||
INNER JOIN invoices i ON i.invoice_id = ii.item_invoice_id
|
||||
WHERE i.invoice_client_id LIKE '$client_id'
|
||||
ORDER BY ii.item_invoice_id ASC, ii.item_order ASC, ii.item_id ASC
|
||||
LIMIT $limit OFFSET $offset"
|
||||
);
|
||||
// No filter supplied — reject the request
|
||||
http_response_code(400);
|
||||
echo json_encode([
|
||||
'success' => 'False',
|
||||
'message' => 'A filter is required. Please supply either invoice_id or item_id.',
|
||||
'count' => 0,
|
||||
'data' => []
|
||||
]);
|
||||
exit;
|
||||
}
|
||||
|
||||
// Output
|
||||
|
||||
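Review bot: The new "filter required" rule is enforced only with `isset()` on `item_id` and `invoice_id`, so an empty, non-numeric or array-valued parameter still counts as a filter and goes through `intval()` instead of reaching the 400 branch. Validating the value itself would make the docblock's contract hold, e.g. `$item_id = filter_input(INPUT_GET, 'item_id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);` and the same for `invoice_id`, treating `null`/`false` as "no filter supplied". Separately, the client scope in the `item_id` query is `LIKE '$client_id'`, and the `invoice_id` query interpolates `$limit` and `$offset`. All three are set outside the visible hunks, so it is worth confirming they are integer-cast or escaped there, or moving these queries to prepared statements. The query bodies are only partly visible in these hunks.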