Test job objective:

The objective is to create the [Link] file which is the API endpoint that gives the details of a
selected task. We have a running example for you: [Link] gives the details of a
selected contact. And this api endpoint is created from the legacy file [Link]. So similarly we
want you to use the legacy [Link] and create the api endpoint [Link]

For example:

Legacy file Api end point file Path Status

[Link] -> [Link] /classes/api/resources/contact running
[Link] -> [Link] /classes/api/resources/task You will code

Running example for legacy [Link] and [Link] (Contact id=913)

NOTE THAT API GIVES THE SAME FIELDS/VALUES WITH THE
SAME ORDER AS THE LEGACY
Login here and see the running example

[Link]
test@[Link]
1qaz2wsx

YOUR TEST JOB IS TO create the api endpoint [Link]

Give the same fields and

values here you see on the
running application

Attachments: 1. Postman collection,2. API server files, 3. [Link], 4. [Link]

Database details

First read the attachment 5, then continue reading below

Attachments:

5. Database [Link]
6. Database dump

Custom fields

We use custom fields and these fields may take multiple values, we call them as multi.
The names of the custom fields must be unique for each account. By the legacy design: If the field is
multi then we create new fields with by name extension (½£1, ½£2, ½£3, etc) just for the database
storage. These name extensions are not visible to the end user. These name extensions denoted that
they are the same fields indeed. Ids are not important for linking multi fields but the names are
crucial..

Example:
Lets say field name is “Place” and this field is multi. Considering storing three cites Paris, London and
Istanbul.

The values are stored in CONTACTFIELDVALUE table

Field id Value
80 Paris
141 London
163 Istanbul

In CONTACTFIELD table the corresponding ids and names are

80 Place
141 Place½£1
163 Place½£2

But on screen the user sees the same field name “Place” and see the values like this
1. Paris
2. London
3. Istanbul

So the connection between these fields are their names and the extension ½£.

Details of coding

Our job is separating front end components from the given legacy PHP code and preparing a
corresponding backend API code.

Therefore we have to remove all javascript and html components from the legacy. We have to focus
on collecting necessary data and presenting it to the front end in an elegant JSON format.

This example will be based on one of the major components of our CRM application which is the
Contact. The legacy code that displays a Contact with a given ID which is [Link]
Here we want you to explain basic principles to convert legacy code to API code named
[Link]

First of all we have some very important session variables already filled for you and it is essential to
understand its functionality.

One of them is Permissions. Permissions mostly control access to the various components and fields.

In [Link] Line No: 6. We have

if (strstr($_SESSION['permitsession'],'a25,') && !
strstr($_SESSION['permitsession'],'c3,'))

{echo "<script>[Link] = '[Link]';[Link] ('".(xxx838)."');

</script> "; die();}

It means that we have to have a25 privilege and we should not have c3 privilege to access contacts
data.

The rest of the line is a forwarding in the user interface and should be removed.

So we modify the code like that [Link] in lines 3-6:

if (strstr($_SESSION['permitsession'],'a25,') && !
strstr($_SESSION['permitsession'],'c3,')) {

$errMsg = err8;

return;

err8 means invalid credentials.

You can find all error codes in api/[Link] file.

Another important code piece is in [Link] starting Line 91: we keep as it is

([Link] starting Line 10) :

if (strstr($_SESSION['permitsession'],'a13,') && !
strstr($_SESSION['permitsession'],'a18,') && !
strstr($_SESSION['permitsession'],'a28,')) {

$selfsql=' AND ([Link]='.$uid.' OR [Link]='.$uid.' OR

[Link]='.$uid.') ';

$extjoin='LEFT JOIN TASK T ON [Link]=[Link] AND [Link]=[Link]

LEFT JOIN TASKUSER TU ON [Link]=[Link] AND [Link]=[Link]';

//}

}
This is the is the contact requested ([Link] Line 16) :

$cid = $_REQUEST["id"];

We get most of the important data from base table Contact in legacy line 103-110 and we keep it.

([Link] lines 17-22) :

$sql = "SELECT C.*,[Link] AS OTNAME,[Link] AS OTID,[Link] AS UNAME,

[Link] AS CPNAME,[Link] AS UEMAIL FROM CONTACT C

LEFT JOIN ORGANIZATIONTYPE OT ON [Link]=[Link] AND

[Link]=[Link]

LEFT JOIN USER U ON [Link]=[Link] AND [Link]=[Link]

LEFT JOIN CONTACT CP ON [Link]=[Link] AND [Link]=[Link]

".$extjoin.$_SESSION['permsqlc']." WHERE [Link]=$orid ".

$_SESSION['Wpermsql'].$selfsql." AND [Link]=? ";

$rec_get=selectsqlp($sql,array($cid));

The required output of the data should be stored in an array called $resultArr by the framework.
Result should be stored in lines.([Link] lines 25-26, 401-402) :

$resultArr = [];

$lines = [];

$resultArr['Lines'] = array_values($lines);

$resultArr = [$resultArr];

One example to fill the line item for personal title field is as follows 33, 36-37, 150 , 268-271

// Get the value from db query

$title= $rec_get["TITLE"];

….
 // Depending on the value assign local value from dict.

if ($title=='Mr') $title=xxx352;

else if ($title=='Mrs') $title=xxx353;

….

// Create a line item with label xxx39

// There are more examples below

$titleItem = createItem("title",$title,xxx39);

—-

// Depending on the contact type and permissions of the

// user add it to the lines in JSON array

else if ($rowName == 'titleContactRow' && $conType == 'P'){

if (!strstr($pagepermissions,'titleContact'))

$lines[] = $titleItem;

In the example above xxx32 and xxx353 are examples of constant values based on the user's choice
of language. The corresponding text values are in [Link] file for the English. They
represent mostly labels and warnings on the screen.

We keep the labels in the legacy and must provide correct values to the frontend via API. Warnings
and alerts are in Javascript parts mostly are not important for us and will be removed during the
process.

All fields must be in lines and a line of a field consists of several fields, several examples

Note: You can use the createItem function to create an array with desired fields.

([Link] lines 66-67) :

$ctypeItem = createItem("type",$ctype,xxx2669);

$lines[] = $ctypeItem;

The result is as follows in JSON

"fname": "type",
 "label": "Tip",

"value": "P"

},

fname : Name of the field for the fixed fields:

label : is a display in the screen

value : "P" person type contact

([Link] lines 149) :

$addressItem = createItem("address",$rec_get["ADDRESS"],xxx53);

"fname": "address",

"label": "Adres",

"value": "Basaran Sokak. No:143 D:2"

},

Another important session variables are $_SESSION["DES_Pages"], $_SESSION["DES_PageEnabled"]

and $_SESSION['PAGEPERMISSIONS'];

$_SESSION["DES_Pages"] stores page designs

$_SESSION['PAGEPERMISSIONS'] stores permissions for current user.

$_SESSION["DES_PageEnabled"] stores whether page design is enabled for contact component or

page design will be used in legacy PHP code.

Page designs for components Contacts, tasks, opportunities are not mandatory.

we can check if there is a defined page design like that.

([Link] lines 166-168) where p denotes personal type of contact:

$pagepermissions = $allpermissions['p'];

if (isset($_SESSION["DES_PageEnabled"]['p']))

$pageDesEnabled = true;

In tasks component the code would be like in your case where t denotes task component:
$pagepermissions = $allpermissions['t'];

if (isset($_SESSION["DES_PageEnabled"]['t']))
 $pageDesEnabled = true;

Page permissions will be used below. If page design is not enabled, we use the layout in the legacy
code as a design. That is you can read through [Link] and find that the order of the fields in
the code are like that

nameRow,titleContactRow,typeContactRow,emailRow,orgContactRow,......
// Check contact type which conType and P personal

// or O Organization then try to find a default page design type

$defaultType = $_SESSION["DES_Pages"][strtolower($conType)]
['DEFAULT'][0];

// Check if there is a page design for this contact’s exact type

if ($otypeId && $_SESSION["DES_Pages"][strtolower($conType)]

[$otypeId])

$pageDesign = $_SESSION["DES_Pages"][strtolower($conType)]
[$otypeId];

// If there is not, try to use default types page design.

else if ($defaultType && $_SESSION["DES_Pages"]

[strtolower($conType)][$defaultType])

$pageDesign = $_SESSION["DES_Pages"][strtolower($conType)]
[$defaultType];

// If there is no page design use legacy field ordering as a page

design

if (!$pageDesign){

$pageDesign['LSTR'] =
"nameRow,titleContactRow,typeContactRow,emailRow,orgContactRow,jobRow,ph
onerow,".implode(',', array_keys($customFields));

$pageDesign['RSTR'] =
"locrow,addressrow,cityrow,countryrow,notesrow,attachmentrow";

#print_r($customFields);

$pageDesign = getAppVersion($pageDesign,"c",$customFields);

In tasks this code functionality can be achieved like that

 $defaultType = $_SESSION["DES_Pages"][‘t’]['DEFAULT'][0];

if ($otypeId && $_SESSION["DES_Pages"][‘t’][$otypeId])

$pageDesign = $_SESSION["DES_Pages"][‘t’][$otypeId];

else if ($defaultType && $_SESSION["DES_Pages"][‘t’][$defaultType])

$pageDesign = $_SESSION["DES_Pages"][‘t’][$defaultType];

if (!$pageDesign){

$pageDesign['LSTR'] = " Here you are putting row names in the

left part of the main screen in the task component".implode(',',
array_keys($customFields));

$pageDesign['RSTR'] = "Here you are putting row names in the

right part of the main screen in the task component";

$pageDesign = getAppVersion($pageDesign,"t",$customFields);

getAppVersion is given to you such that it converts two column page design into the one column
page design string.

Another important step is to find visible and type specific custom fields in the page by executing the
following code piece. ([Link] Line 46-61)
$sql = "SELECT * FROM CONTACTFIELDPARENT CP

LEFT JOIN CONTACTFIELD CF ON [Link]=[Link] AND [Link]=[Link]

RIGHT JOIN ORGANIZATIONTYPE OT ON [Link]=[Link] AND

[Link]=[Link]

WHERE [Link]='$ctype' AND ( [Link] ='".strtolower($ctype)."' or

[Link]='c') AND [Link]=$orid ";

$recValep=selectsqln($sql);

$fieldsHasaType=$fieldsVisible=[];

foreach ($recValep as $t => $val ){

$fieldsHasaType[] = $recValep[$t]["FIELDID"];

$fieldsHasaType = array_unique($fieldsHasaType);

if ($otypeId){
 foreach ($recValep as $t => $val ){

if ($recValep[$t]["PARENTTYPEID"] == $otypeId)

$fieldsVisible[] = $recValep[$t]["FIELDID"];

The exact code piece can be used with little modification for the tasks component. in WHERE
condition of the query. [Link] value should be tasks and rather than the ORGANIZATIONTYPE table,
the TASKTYPE table should be joined.
$sql = "SELECT * FROM CONTACTFIELDPARENT CP

LEFT JOIN CONTACTFIELD CF ON [Link]=[Link] AND [Link]=[Link]

RIGHT JOIN TASKTYPE T ON [Link]=[Link] AND [Link]=[Link]

WHERE ( [Link]='t') AND [Link]=$orid ";

$recValep=selectsqln($sql);

$fieldsHasaType=$fieldsVisible=[];

foreach ($recValep as $t => $val ){

$fieldsHasaType[] = $recValep[$t]["FIELDID"];

$fieldsHasaType = array_unique($fieldsHasaType);

if ($otypeId){

foreach ($recValep as $t => $val ){

if ($recValep[$t]["PARENTTYPEID"] == $otypeId)

$fieldsVisible[] = $recValep[$t]["FIELDID"];

Then the next step is to put line items (i.e field names,labels and values) into the array in order by
provided in the pageDesign comma separated string as follows.

([Link] starting Line 253

if ($pageDesign){

$pageArr = explode(',',$pageDesign);

foreach ($pageArr as $idx => $rowName ) {

 //$resultArr['lines'][$idx] = $rowName;

if ($rowName == 'nameRow'){

$lines[] = $nameItem;

}else if ($rowName == 'emailRow'){

if (!strstr($pagepermissions,'emailContact0'))

$lines[] = createItem("email",$email_item,xxx354);

}else if ($rowName == 'phonerow'){

if (!strstr($pagepermissions,'phoneContact0'))

…….

In each item you check permissions of the logged in user. As an example whether the use is eligible
to see email information of the contact by statement above.

[Link] Line 260 which also exists in legacy code Line 717

if (!strstr($pagepermissions,'emailContact0'))

Custom rows have numeric row name which is a field id and checked by the following code

// This shows that the field is custom field

}else if (is_numeric($rowName)){

// This condition checks that the field is specific to some types

if (in_array($rowName, $fieldsHasaType) &&

// This cond. checks that the field should be visible to user.

!in_array($rowName, $fieldsVisible))