query( 'SELECT c.client_code, c.clients_name, p.provinces_name, c.email, c.phone, c.address FROM clients c LEFT JOIN provinces p ON p.record_id = c.provinces_id ORDER BY c.clients_name ASC'); $rows = $stmt->fetchAll(PDO::FETCH_NUM); break; case 'employees': $title = 'Employees'; $headers = ['Name','Surname','ID/Passport','Client','Cell','Company No','Occupation', 'Badge No','Team No','TEBA No','Industry','Induction Date','Medical Date']; $where = $client_id ? 'WHERE e.clients_id = ?' : ''; $params = $client_id ? [$client_id] : []; $stmt = $db->prepare( "SELECT e.client_employees_name, e.surname, e.i_doc_passport, c.clients_name, e.cell, e.company_number, e.occupation, e.badge_number, e.team_number, e.teba_number, e.industry, e.induction_date, e.medical_date FROM client_employees e LEFT JOIN clients c ON c.record_id = e.clients_id $where ORDER BY e.surname, e.client_employees_name ASC LIMIT 3000"); $stmt->execute($params); $rows = $stmt->fetchAll(PDO::FETCH_NUM); break; case 'sites': $title = 'Client Sites'; $headers = ['Site Name','Client']; $where = $client_id ? 'WHERE s.clients_id = ?' : ''; $params = $client_id ? [$client_id] : []; $stmt = $db->prepare( "SELECT s.client_sites_name, c.clients_name FROM client_sites s LEFT JOIN clients c ON c.record_id = s.clients_id $where ORDER BY c.clients_name, s.client_sites_name ASC"); $stmt->execute($params); $rows = $stmt->fetchAll(PDO::FETCH_NUM); break; case 'bookings': $title = 'Bookings'; $headers = ['Booking #','Date Booked','Date Approved','Date Done', 'Client','Assessor','Status','Notes','Employee Count']; $where = '1=1'; $params = []; if ($status) { $where .= ' AND b.status = ?'; $params[] = $status; } if ((int)$user['user_type_id'] !== 1) { $where .= ' AND b.safesure_users_id = ?'; $params[] = $user['record_id']; } $stmt = $db->prepare( "SELECT b.booking_number, b.date_booked, b.date_approved, b.date_done, c.clients_name, u.safesure_users_name, b.status, b.notes, GREATEST(0, LENGTH(TRIM(b.client_employees,',.')) - LENGTH(REPLACE(TRIM(b.client_employees,',.'),',','')) + 1) as emp_count FROM bookings b LEFT JOIN clients c ON c.record_id = b.clients_id LEFT JOIN safesure_users u ON u.record_id = b.safesure_users_id WHERE $where ORDER BY b.record_id DESC"); $stmt->execute($params); $rows = $stmt->fetchAll(PDO::FETCH_NUM); break; default: json_error('Unknown export type: ' . $type); } $filename = strtolower(str_replace(' ', '_', $title)) . '_' . date('Y-m-d'); $count = count($rows); // ── CSV download ────────────────────────────────────────────────────── if ($format === 'csv') { ob_clean(); header('Content-Type: text/csv; charset=utf-8'); header('Content-Disposition: attachment; filename="' . $filename . '.csv"'); header('Pragma: no-cache'); $out = fopen('php://output', 'w'); fputs($out, "\xEF\xBB\xBF"); // UTF-8 BOM for Excel fputcsv($out, $headers); foreach ($rows as $row) fputcsv($out, array_map(fn($v) => $v ?? '', $row)); fclose($out); exit; } // ── HTML for browser print-to-PDF ───────────────────────────────────── if ($format === 'html') { ob_clean(); header('Content-Type: text/html; charset=utf-8'); $head_cells = implode('', array_map(fn($h) => '' . htmlspecialchars($h) . '', $headers)); $body_rows = ''; foreach ($rows as $i => $row) { $cells = implode('', array_map(fn($v) => '' . htmlspecialchars((string)($v ?? '')) . '', $row)); $body_rows .= '' . $cells . ''; } $date_str = date('d M Y'); echo ''; echo '' . htmlspecialchars($title) . ''; echo ''; echo '
'; echo '
'; echo '
SafeSure
' . htmlspecialchars($title) . ' Report
'; echo '
Date: ' . $date_str . '
Records: ' . $count . '
'; echo '
'; echo '' . $head_cells . ''; echo '' . $body_rows . '
'; echo '
SafeSure Competency Assessment SystemConfidential — ' . htmlspecialchars($title) . ' ' . $date_str . '
'; echo '