      * ILE RPG example of a REST provider with multiple parameters
      *
      * This gets it's input parameters from the URL, in a format
      * like this:
      *
      *    http://whatever/invoice/495/20100901/20100930
      *
      * It will then look up all invoices for the customer number
      * in the provided date range, and output them all in a
      * list like this one:
      *
      *     <invoiceList>
      *       <invoice id="xyz">
      *         <date>XXXXXXXX</date>
      *         <name>XXXXXXXX</name>
      *         <amount>XX.XX</amount>
      *         <weight>XX.XX</weight>
      *       </invoice>
      *       ... the <invoice> section is repeated
      *           for each invoice found ...
      *     </invoiceList>
      *
      *
      *  To compile:
      *> CRTSQLRPGI INVOICE SRCFILE(QRPGLESRC) DBGVIEW(*SOURCE) -
      *>            OBJTYPE(*MODULE)
      *> CRTPGM INVOICE BNDSRVPGM(QHTTPSVR/QZHBCGI) ACTGRP(RESTFUL)

     H OPTION(*SRCSTMT: *NODEBUGIO) PGMINFO(*PCML:*MODULE)

     D getenv          PR              *   extproc('getenv')
     D   var                           *   value options(*string)

     D QtmhWrStout     PR                  extproc('QtmhWrStout')
     D   DtaVar                   65535a   options(*varsize) const
     D   DtaVarLen                   10I 0 const
     D   ErrorCode                 8000A   options(*varsize)

     D err             ds                  qualified
     D   bytesProv                   10i 0 inz(0)
     D   bytesAvail                  10i 0 inz(0)

     D xml             pr          5000a   varying
     D   inp                       5000a   varying const

     D row             ds                  qualified
     D   inv                          5a
     D   date                         8s 0
     D   name                        25a
     D   amount                       9p 2
     D   weight                       9p 1

     D CRLF            C                   x'0d25'
     D data            s           5000a
     D uri             s           5000a   varying
     D cust            s              4s 0
     D sdate           s              8s 0
     D edate           s              8s 0
     d custpos         s             10i 0
     d sdatepos        s             10i 0
     d edatepos        s             10i 0

      /free
          exec SQL set option naming=*SYS;

          *inlr = *on;
          uri = %str(getenv('REQUEST_URI'));

          monitor;
             custpos = %scan('/invoice/': uri) + %len('/invoice/');
             sdatepos = %scan('/': uri: custpos) + 1;
             edatepos = %scan('/': uri: sdatepos) + 1;
             cust  = %int(%subst(uri: custpos: (sdatepos-custpos-1)));
             sdate = %int(%subst(uri: sdatepos: (edatepos-sdatepos-1)));
             edate = %int(%subst(uri: edatepos));
          on-error;
             data = 'Status: 500 Invalid URI' + CRLF
                  + 'Content-type: text/xml' + CRLF
                  + CRLF
                  + '<error>Invalid URI</error>' + CRLF;
             QtmhWrStout(data: %len(%trimr(data)): err);
             return;
          endmon;

          exec SQL declare C1 cursor for
              select aiOrdn, aiIDat, aiSNme, aiDamt, aiLbs
                from ARSHIST
               where aiCust = :cust
                 and aiIDat between :sdate
                                and :edate;

          exec SQL open C1;
          exec SQL fetch next from C1 into :row;

          if sqlstt<>'00000'
             and %subst(sqlstt:1:2) <> '01'
             and %subst(sqlstt:1:2) <> '02';
             data = 'Status: 500 Query Failed' + CRLF
                  + 'Content-type: text/xml' + CRLF
                  + CRLF
                  + '<error>Failed with SqlState=' + sqlstt + '</error>'
                  + CRLF;
             QtmhWrStout(data: %len(%trimr(data)): err);
             return;
          endif;

          data = 'Status: 200 OK' + CRLF
               + 'Content-type: text/xml' + CRLF
               + CRLF
               + '<invoiceList>';
          QtmhWrStout(data: %len(%trimr(data)): err);

          dow sqlstt='00000' or %subst(sqlstt:1:2)='01';
             data = '<invoice id="' + row.inv              + '">'
                  + '<date>'        + %editc(row.date:'X') + '</date>'
                  + '<name>'        + xml(row.name)        + '</name>'
                  + '<amount>'      + %char(row.amount)    + '</amount>'
                  + '<weight>'      + %char(row.weight)    + '</weight>'
                  + '</invoice>';
             QtmhWrStout(data: %len(%trimr(data)): err);
             exec SQL fetch next from C1 into :row;
          enddo;

          exec SQL close C1;

          data = '</invoiceList>' + CRLF;
          QtmhWrStout(data: %len(%trimr(data)): err);
          return;
      /end-free

     P xml             b
     D xml             pi          5000a   varying
     D   inp                       5000a   varying const
     D x               s             10i 0
     D result          s           5000a   varying
      /free
        for x = 1 to %len(inp);
           select;
           when %subst(inp:x:1) = '&';
              result += '&amp;';
           when %subst(inp:x:1) = '<';
              result += '&lt;';
           when %subst(inp:x:1) = '>';
              result += '&gt;';
           when %subst(inp:x:1) = '"';
              result += '&quot;';
           when %subst(inp:x:1) = '''';
              result += '&apos;';
           other;
              result += %subst(inp:x:1);
           endsl;
        endfor;
        return result;
      /end-free
     P                 E
