clonemeagain/custom.php

## custom.php
<?php
// stored in /include/custom.php
// A private database connection to fetch data for the sales team:
class SalesDB
{
    private $db;
    public function __construct()
    {
        $this->db = new mysqli("server", 'username', 'pass', 'database_name'); //etc
        $this->db->set_charset("utf8");
    }
    /**
     * wrap any methods you need.. but by limiting the ones you use, you're forcing yourself to properly prepare queries before executing statements.
     * @param string $sql
     * @return mysqli_stmt
     */
    public function prepare($sql)
    {
        return $this->db->prepare($sql);
    }
}
class SalesData
{
    public static function sum(Staff $thisstaff)
    {
        $sales_db = new SalesDB();
        $dept_id  = $thisstaff->getDept()->getId();
        if ($dept_id == 3) {
            // show sum only this Sales Agent:
            $stmt = $sales_db->prepare('SELECT SUM(sales_units) as total_sales
                                       FROM myTable
                                       WHERE sales_date = CURDATE()
                                       AND salesperson LIKE ? LIMIT 1');
            $stmt->bind_param('s', $thisstaff->getFirstName() . '%'); // insert the osticket users name as the salesperson,
            $stmt->execute();
            $total_sales = 0;
            $stmt->bind_result($total_sales);
            if ($stmt->fetch()) {
                return '<div id="sales-data"><h3>Total sales: ' . $total_sales . '</h3></div>';
            }
        }
    }
}

## example.php
<?php
// Somewhere inside /include/staff/ticket-view.inc.php etc.

// HACK Inserting sales data for our agent.
include_once(INCLUDE_DIR . 'custom.php');
print SalesData::sum($thisstaff); // pass in the global $thisstaff variable from the page
// HACK END
	<?php
	// stored in /include/custom.php
	// A private database connection to fetch data for the sales team:
	class SalesDB
	{
	private $db;
	public function __construct()
	{
	$this->db = new mysqli("server", 'username', 'pass', 'database_name'); //etc
	$this->db->set_charset("utf8");
	}
	/**
	* wrap any methods you need.. but by limiting the ones you use, you're forcing yourself to properly prepare queries before executing statements.
	* @param string $sql
	* @return mysqli_stmt
	*/
	public function prepare($sql)
	{
	return $this->db->prepare($sql);
	}
	}
	class SalesData
	{
	public static function sum(Staff $thisstaff)
	{
	$sales_db = new SalesDB();
	$dept_id = $thisstaff->getDept()->getId();
	if ($dept_id == 3) {
	// show sum only this Sales Agent:
	$stmt = $sales_db->prepare('SELECT SUM(sales_units) as total_sales
	FROM myTable
	WHERE sales_date = CURDATE()
	AND salesperson LIKE ? LIMIT 1');
	$stmt->bind_param('s', $thisstaff->getFirstName() . '%'); // insert the osticket users name as the salesperson,
	$stmt->execute();
	$total_sales = 0;
	$stmt->bind_result($total_sales);
	if ($stmt->fetch()) {
	return '<div id="sales-data"><h3>Total sales: ' . $total_sales . '</h3></div>';
	}
	}
	}
	}
	<?php
	// Somewhere inside /include/staff/ticket-view.inc.php etc.

	// HACK Inserting sales data for our agent.
	include_once(INCLUDE_DIR . 'custom.php');
	print SalesData::sum($thisstaff); // pass in the global $thisstaff variable from the page
	// HACK END