package LedgerSMB::RESTXML::Document::Customer_Search; use strict; use warnings; use base qw(LedgerSMB::RESTXML::Document::Base); use LedgerSMB::Log; sub handle_get { my ( $self, $args ) = @_; my $user = $args->{user}; my $dbh = $args->{dbh}; my $handler = $args->{handler}; my $query = $handler->read_query(); my %terms; for my $field ( $query->param() ) { # TODO: BIG GAPING HOLE HERE. $terms{$field} = $query->param($field); } if ( $terms{_keyword} ) { %terms = ( name => $terms{_keyword}, customernumber => $terms{_keyword}, contact => $terms{_keyword} ); } my $sql = 'SELECT id,name,phone,customernumber FROM customer WHERE ' . join( ' OR ', map { "$_ like ?" } sort keys %terms ); my $res = $dbh->prepare($sql); $res->execute( map { "$terms{$_}\%" } sort keys %terms ) or return $handler->error( $dbh->errstr ); my @rows; my $row; push @rows, $row while $row = $res->fetchrow_hashref(); $res->finish(); $handler->respond( XML::Twig::Elt->new( 'Customer_Search_Response', { 'xmlns:xlink' => "http://www.w3.org/1999/xlink" }, map { $self->hash_to_twig( { name => 'Customer', root_attr => { 'xlink:href' => "Customer/$_->{id}" }, hash => $_ } ); } @rows ) ); } 1;