payfrit-api/api/portal/searchUser.php

<?php
require_once __DIR__ . '/../helpers.php';
runAuth();

$data = readJsonBody();
$query = trim($data['Query'] ?? '');
$businessId = (int) ($data['BusinessID'] ?? 0);

if (strlen($query) < 3) {
    apiAbort(['OK' => false, 'ERROR' => 'query_too_short', 'MESSAGE' => 'Enter at least 3 characters']);
}

// Detect if phone or email
$isPhone = preg_match('/^[\d\s\-\(\)\+]+$/', $query) && strlen(normalizePhone($query)) >= 7;
$isEmail = str_contains($query, '@');

if ($isPhone) {
    $phoneDigits = normalizePhone($query);
    $qUser = queryOne(
        "SELECT ID, FirstName, LastName, ContactNumber, EmailAddress
         FROM Users
         WHERE REPLACE(REPLACE(REPLACE(REPLACE(ContactNumber, '-', ''), ' ', ''), '(', ''), ')', '') LIKE ?
         LIMIT 1",
        ['%' . $phoneDigits . '%']
    );
} elseif ($isEmail) {
    $qUser = queryOne(
        "SELECT ID, FirstName, LastName, ContactNumber, EmailAddress
         FROM Users
         WHERE EmailAddress LIKE ?
         LIMIT 1",
        ['%' . $query . '%']
    );
} else {
    $qUser = queryOne(
        "SELECT ID, FirstName, LastName, ContactNumber, EmailAddress
         FROM Users
         WHERE FirstName LIKE ? OR LastName LIKE ?
            OR CONCAT(FirstName, ' ', LastName) LIKE ?
         LIMIT 1",
        ['%' . $query . '%', '%' . $query . '%', '%' . $query . '%']
    );
}

if ($qUser) {
    // Check if already on team
    $qTeam = queryOne(
        "SELECT ID FROM Employees WHERE BusinessID = ? AND UserID = ?",
        [$businessId, (int) $qUser['ID']]
    );

    jsonResponse([
        'OK' => true,
        'USER' => [
            'UserID' => (int) $qUser['ID'],
            'Name' => trim($qUser['FirstName'] . ' ' . $qUser['LastName']),
            'Phone' => $qUser['ContactNumber'],
            'Email' => $qUser['EmailAddress'],
            'AlreadyOnTeam' => $qTeam !== null,
        ],
    ]);
} else {
    jsonResponse(['OK' => true, 'USER' => null]);
}