Finished adding the memory leak fix and the column width fix. Updated the loggers as well

0a10d405 · Cam Hayes · d7f1e3db · 0a10d405 · 0a10d405 · 0a10d405
Commit 0a10d405 authored Nov 25, 2025 by Cam Hayes
8 changed files
--- a/kgOrdersClient/View.Login.pas
+++ b/kgOrdersClient/View.Login.pas
@@ -5,8 +5,9 @@ interface
 uses
  System.SysUtils, System.Classes, Web, WEBLib.Graphics, WEBLib.Controls, WEBLib.Forms, WEBLib.Dialogs,
  Vcl.Controls, Vcl.StdCtrls, WEBLib.StdCtrls, WEBLib.JSON,
-  JS, XData.Web.Connection, WEBLib.ExtCtrls,
-  App.Types, ConnectionModule, XData.Web.Client, Vcl.Imaging.pngimage;
+  XData.Web.Client, WEBLib.ExtCtrls, Vcl.Imaging.pngimage,
+  JS, XData.Web.Connection,
+  App.Types, ConnectionModule;

 type
  TFViewLogin = class(TWebForm)
@@ -55,7 +56,8 @@ procedure TFViewLogin.btnLoginClick(Sender: TObject);
  begin
    ShowNotification('Login Error: ' + AMsg);
  end;
-
+var
+  hashPW: string;
 begin
  AuthService.Login(
    edtUsername.Text, edtPassword.Text,

--- a/kgOrdersClient/View.Main.html
+++ b/kgOrdersClient/View.Main.html
@@ -120,7 +120,7 @@
  <div class="modal-dialog">
    <div class="modal-content shadow-lg">
      <div class="modal-header">
-        <h5 class="modal-title" id="main_notification_modal">Error</h5>
+        <h5 class="modal-title" id="main_notification_modal">Info</h5>
        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
      </div>
      <div class="modal-body fs-6 fw-bold" id="main_notification_modal_body">

--- a/kgOrdersClient/View.Orders.dfm
+++ b/kgOrdersClient/View.Orders.dfm
@@ -156,40 +156,50 @@ object FViewOrders: TFViewOrders
        Title = 'Proof Due'
      end
      item
+        ElementClassName = 'tbl-min-120'
        DataField = 'proofDone'
        Title = 'Proof Done'
+        TitleElementClassName = 'tbl-min-120'
      end
      item
        DataField = 'artDue'
        Title = 'Art Due'
      end
      item
+        ElementClassName = 'tbl-min-120'
        DataField = 'artDone'
        Title = 'Art Done'
+        TitleElementClassName = 'tbl-min-120'
      end
      item
        DataField = 'plateDue'
        Title = 'Plate Due'
      end
      item
+        ElementClassName = 'tbl-min-120'
        DataField = 'plateDone'
        Title = 'Plate Done'
+        TitleElementClassName = 'tbl-min-120'
      end
      item
        DataField = 'mountDue'
        Title = 'Mount Due'
      end
      item
+        ElementClassName = 'tbl-min-120'
        DataField = 'mountDone'
        Title = 'Mount Done'
+        TitleElementClassName = 'tbl-min-120'
      end
      item
        DataField = 'shipDue'
        Title = 'Ship Due'
      end
      item
+        ElementClassName = 'tbl-min-120'
        DataField = 'shipDone'
        Title = 'Ship Done'
+        TitleElementClassName = 'tbl-min-120'
      end
      item
        DataField = 'price'
@@ -360,6 +370,7 @@ object FViewOrders: TFViewOrders
      FieldName = 'proofDue'
    end
    object xdwdsOrdersproofDone: TStringField
+      DisplayWidth = 40
      FieldName = 'proofDone'
    end
    object xdwdsOrdersartDue: TStringField

--- a/kgOrdersClient/View.User.Add.pas
+++ b/kgOrdersClient/View.User.Add.pas
@@ -165,7 +165,7 @@ begin
    ShowToast(FMessage);
  edtUsername.Text := Username;
  edtFullName.Text := FullName;
-  if Mode = 'Edit' then
+  if Mode = 'EDIT' then
  begin
    edtPassword.Text := 'hidden';
  end;

--- a/kgOrdersClient/css/app.css
+++ b/kgOrdersClient/css/app.css
@@ -7,6 +7,10 @@
    background-color: #fff;
 }

+.tbl-min-120 {
+  min-width: 120px;
+}
+
 input[type="text"] {
  min-width: 50px;
  max-width: 100%;

--- a/kgOrdersServer/Source/Auth.ServiceImpl.pas
+++ b/kgOrdersServer/Source/Auth.ServiceImpl.pas
@@ -181,7 +181,7 @@ begin
  begin
    name := authDB.uq.FieldByName('NAME').AsString;
    checkString := THashSHA2.GetHashString(name + password, THashSHA2.TSHA2Version.SHA512).ToUpper;
-    if authDB.uq.FieldByName('PASSWORD').AsString = checkString then
+    if authDB.uq.FieldByName('PASSWORD').AsString = checkstring then
    begin
      Logger.Log(1, Format('AuthDB.SetLoginAuditEntry: "%s"', [user]) );
      Result := 3; // Succcess

--- a/kgOrdersServer/Source/Lookup.ServiceImpl.pas
+++ b/kgOrdersServer/Source/Lookup.ServiceImpl.pas
@@ -158,6 +158,7 @@ begin
      USER_ID := JSONData.GetValue<string>('USER_ID');

      SQL := 'select * from orders where ORDER_ID = ' + ORDER_ID;
+      logger.Log(5, 'Retrieving order type with SQL: ' + SQL);
      doQuery(ordersDB.UniQuery1, SQL);
      if ordersDB.UniQuery1.FieldByName('ORDER_TYPE').AsString  = 'corrugated_plate' then
      begin
@@ -171,6 +172,7 @@ begin
        table := 'cutting_die_orders';

      SQL := 'select * from ' + table + ' cpo join customers c on cpo.COMPANY_ID = c.CUSTOMER_ID join customers_ship cs on cpo.staff_fields_ship_to = cs.ship_block JOIN qb_items ON cpo.staff_fields_quickbooks_item = qb_items.qb_item_name where cpo.ORDER_ID = ' + ORDER_ID;
+      logger.Log(5, 'Retrieveing Customer Info with SQL: ' + SQL);
      doQuery(ordersDB.UniQuery1, SQL);

      estimateJSON.AddPair('TxnDate', ordersDB.UniQuery1.FieldByName('staff_fields_order_date').AsString);
@@ -251,7 +253,7 @@ begin
        estimateJSON.AddPair('ShipDate', ordersDB.UniQuery1.FieldByName('staff_fields_ship_date').AsString)
      end;

-
+      logger.Log(5, 'estimateJSON finished construction');

      restClient.BaseURL := 'https://sandbox-quickbooks.api.intuit.com';

@@ -284,6 +286,7 @@ begin

      restRequest.AddBody(estimateJSON.ToJSON, TRESTContentType.ctAPPLICATION_JSON);

+      logger.Log(5, 'Executing rest request with JSON: ' + estimateJSON.ToJSON);
      restRequest.Execute;

      jsValue := restResponse.JSONValue;
@@ -291,6 +294,7 @@ begin
      jsObj := TJSONObject(jsValue).GetValue<TJSONObject>('Estimate');

      sql := 'select * from orders where ORDER_ID = ' + ORDER_ID;
+      logger.Log(5, 'Updating orders QB info');
      doQuery(ordersDB.UniQuery1, SQL);

      ordersDB.UniQuery1.Edit;
@@ -301,12 +305,13 @@ begin
      ordersDB.UniQuery1.FieldByName('QB_ORDER_USER').AsString := USER_ID;
      ordersDB.UniQuery1.Post;

-     result := TJSONObject.Create;
-     Result.AddPair('status','Success:Estimate Successfully Added');
+      result := TJSONObject.Create;
+      Result.AddPair('status','Success:Estimate Successfully Added');
+      logger.log(3, 'AddEstimate Finished');
      except
      on E: Exception do
      begin
-        logger.Log(2, 'Error when adding Estimate ' + e.Message);
+        logger.Log(1, 'Error when adding Estimate ' + e.Message);
        jsValue := restResponse.JSONValue;

        if not (jsValue is TJSONObject) then
@@ -329,8 +334,8 @@ begin
          on E: Exception do
            msg := 'Unable to parse QuickBooks error: ' + E.Message;
        end;
-              logger.Log(2, 'QuickBooks Error Message: ' + msg);
-              raise EXDataHttpException.Create(500, 'Unable to add QuickBooks Estimate: A QuickBooks interface error has occurred!');
+        logger.Log(1, 'QuickBooks Error Message: ' + msg);
+        raise EXDataHttpException.Create(500, 'Unable to add QuickBooks Estimate: A QuickBooks interface error has occurred!');
      end;
    end;
    finally
@@ -370,29 +375,33 @@ var
 begin
  logger.Log(3, 'TLookupService.DelShippingAddress');
  SQL := 'DELETE FROM customers_ship WHERE customer_ship_id = ' + AddressID;
+  logger.Log(5, 'Deleting shipping address with SQL: ' + SQL);
  OrdersDB.UniQuery1.SQL.Text := SQL;
  OrdersDB.UniQuery1.ExecSQL;
  result := TJSONObject.Create;
  result.AddPair('status', 'Success: Address Successfully Deleted');
+
+  logger.Log(5, 'Address deleted retrieving updated address list...');
  SQL := 'select * FROM customers c LEFT JOIN customers_ship s ON c.CUSTOMER_ID = s.customer_id WHERE c.CUSTOMER_ID = ' + CustomerID;
-    doQuery(ordersDB.UniQuery1, SQL);
-    ADDRESS_LIST := TJSONArray.Create;
-    while not ordersDB.UniQuery1.Eof do
-    begin
-      ADDRESS := TJSONObject.Create;
-      ADDRESS.AddPair('ADDRESS', ordersDB.UniQuery1.FieldByName('ship_block').AsString);
-      ADDRESS.AddPair('shipping_address', ordersDB.UniQuery1.FieldByName('address').AsString);
-      ADDRESS.AddPair('city', ordersDB.UniQuery1.FieldByName('city').AsString);
-      ADDRESS.AddPair('state', ordersDB.UniQuery1.FieldByName('state').AsString);
-      ADDRESS.AddPair('zip', ordersDB.UniQuery1.FieldByName('zip').AsString);
-      ADDRESS.AddPair('contact', ordersDB.UniQuery1.FieldByName('contact').AsString);
-      ADDRESS.AddPair('ship_id', ordersDB.UniQuery1.FieldByName('customer_ship_id').AsString);
-      ADDRESS_LIST.Add(ADDRESS);
-      ordersDB.UniQuery1.Next;
-    end;
+  doQuery(ordersDB.UniQuery1, SQL);
+  ADDRESS_LIST := TJSONArray.Create;
+  while not ordersDB.UniQuery1.Eof do
+  begin
+    ADDRESS := TJSONObject.Create;
+    ADDRESS.AddPair('ADDRESS', ordersDB.UniQuery1.FieldByName('ship_block').AsString);
+    ADDRESS.AddPair('shipping_address', ordersDB.UniQuery1.FieldByName('address').AsString);
+    ADDRESS.AddPair('city', ordersDB.UniQuery1.FieldByName('city').AsString);
+    ADDRESS.AddPair('state', ordersDB.UniQuery1.FieldByName('state').AsString);
+    ADDRESS.AddPair('zip', ordersDB.UniQuery1.FieldByName('zip').AsString);
+    ADDRESS.AddPair('contact', ordersDB.UniQuery1.FieldByName('contact').AsString);
+    ADDRESS.AddPair('ship_id', ordersDB.UniQuery1.FieldByName('customer_ship_id').AsString);
+    ADDRESS_LIST.Add(ADDRESS);
+    ordersDB.UniQuery1.Next;
+  end;

-    Result.AddPair('ADDRESS', ADDRESS_LIST);
-    TXDataOperationContext.Current.Handler.ManagedObjects.Add(Result);
+  Result.AddPair('ADDRESS', ADDRESS_LIST);
+  TXDataOperationContext.Current.Handler.ManagedObjects.Add(Result);
+  logger.Log(3, 'DelShippingAddress Finished');
 end;


@@ -430,6 +439,7 @@ begin

    try
      SQL := 'select * from customers' + limitSQL;
+      logger.Log(5, 'retrieving customers with SQL: ' + SQL);
      doQuery(ordersDB.UniQuery1, SQL);

      result := TCustomerList.Create;
@@ -459,6 +469,7 @@ begin
      doQuery(ordersDB.UniQuery1, SQL);
      Result.count := ordersDB.UniQuery1.FieldByName('total_count').AsInteger;
      ordersDB.UniQuery1.Close;
+      logger.Log(3, 'GetCustomers finished');
    except
      on E: Exception do
      begin
@@ -485,6 +496,7 @@ begin
       SQL := 'select * FROM customers c LEFT JOIN customers_ship s ON c.CUSTOMER_ID = s.customer_id WHERE c.CUSTOMER_ID = -1'
    else
      SQL := 'select * FROM customers c LEFT JOIN customers_ship s ON c.CUSTOMER_ID = s.customer_id WHERE c.CUSTOMER_ID = ' + ID;
+    logger.Log(5, 'Getting customer with SQL: ' + SQL);
    doQuery(ordersDB.UniQuery1, SQL);
    result := TCustomerItem.Create;

@@ -523,6 +535,7 @@ begin
      ordersDB.UniQuery1.Next;
    end;

+  logger.Log(3, 'GetCustomer Finished');
  except
    on E: Exception do
    begin
@@ -552,6 +565,7 @@ begin
    result.Add(USER);
    ordersDB.uqUsers.Next;
  end;
+  logger.Log(3, 'GetRepUsers finished');
 end;


@@ -638,6 +652,7 @@ begin
    ShipID := JSONData.GetValue<integer>('customer_ship_id');
    SQL := 'select * from customers_ship where customer_ship_id = ' + IntToStr(ShipID);
  end;
+  logger.Log(5, 'Retrieving Address with SQL ' + SQL);
  doQuery(ordersDB.UniQuery1, SQL);

  try
@@ -670,10 +685,11 @@ begin
    end
    else
      msg := 'Success: Shipping Address Successfully Edited';
-
+    logger.Log(3, msg);
    // Sends the updated Address List Back.

    SQL := 'select * FROM customers c LEFT JOIN customers_ship s ON c.CUSTOMER_ID = s.customer_id WHERE c.CUSTOMER_ID = ' + CustomerID;
+    logger.Log(5, 'Retrieving updated customer address list with SQL: ' + SQL);
    doQuery(ordersDB.UniQuery1, SQL);
    ADDRESS_LIST := TJSONArray.Create;
    while not ordersDB.UniQuery1.Eof do
@@ -693,6 +709,7 @@ begin
    Result.AddPair('status', msg);
    Result.AddPair('ADDRESS', ADDRESS_LIST);
    TXDataOperationContext.Current.Handler.ManagedObjects.Add(Result);
+    logger.Log(3, 'AddShippingAddress finished');
    except
    on E: Exception do
    begin
@@ -739,6 +756,7 @@ begin
    CustomerID := JSONData.GetValue<integer>('CUSTOMER_ID');

  SQL := 'select CUSTOMER_ID from customers where SHORT_NAME = ' + quotedStr(JSONData.GetValue<string>('SHORT_NAME'));
+  logger.Log(5, 'Retrieving customer with SQL: ' + SQL);
  doQuery(OrdersDB.UniQuery1, SQL);

  if mode = 'ADD' then
@@ -800,6 +818,7 @@ begin
      else
        msg := 'Success: Customer Successfully Edited';

+      logger.Log(3, msg);

      Result := TJSONObject.Create.AddPair('status', msg);
      Result.AddPair('CustomerID', CustomerID);
@@ -812,7 +831,10 @@ begin
    end;
  end
  else
+  begin
    Result := TJSONObject.Create.AddPair('status', 'Failure: Company Account Name Must Be Unique');
+    logger.Log(3, 'Failure: Company Account Name Must Be Unique');
+  end;
 end;

 function TLookupService.GenerateOrderCorrugatedPDF(orderID: string): string;
@@ -831,7 +853,7 @@ begin
      Result := rptOrderCorrugated.PrepareReport(SQL);

      // Optionally log success
-      Logger.Log(5, 'PDF Report successfully generated for order ID: ' + orderID);
+      Logger.Log(3, 'PDF Report successfully generated for order ID: ' + orderID);
    except
      on E: Exception do
      begin
@@ -861,11 +883,11 @@ begin
      Result := rptOrderWeb.PrepareReport(SQL);

      // Optionally log success
-      Logger.Log(5, 'PDF Report successfully generated for order ID: ' + orderID);
+      Logger.Log(3, 'PDF Report successfully generated for order ID: ' + orderID);
    except
      on E: Exception do
      begin
-        Logger.Log(2, 'Error generating web PDF: ' + E.Message);
+        Logger.Log(1, 'Error generating web PDF: ' + E.Message);
        raise EXDataHttpException.Create(500, 'Error generating web PDF: A KG Orders database issue has occurred!');
      end;
    end;
@@ -890,11 +912,11 @@ begin
      Result := rptOrderCutting.PrepareReport(SQL);

      // Optionally log success
-      Logger.Log(5, 'PDF Report successfully generated for order ID: ' + orderID);
+      Logger.Log(3, 'PDF Report successfully generated for order ID: ' + orderID);
    except
      on E: Exception do
      begin
-        Logger.Log(2, 'Error generating cutting die PDF: ' + E.Message);
+        Logger.Log(1, 'Error generating cutting die PDF: ' + E.Message);
        raise EXDataHttpException.Create(500, 'Error generating cutting die PDF: A KG Orders database issue has occurred!');
      end;
    end;
@@ -944,45 +966,61 @@ begin
 end;

 function TLookupService.createStatusSearchInfo(params: TStringList; statusNum: string): TStatusSearchInfo;
-// Takes all the status info recieved from the client and puts it into an object
-// for convinence and to make it easier to expand. Returns said object.
-// params: string list recieved from the client with all the search params
-// statusNum: which status number we are on to make it easier to tell what info
-// we want to take from client. I.E. differentiate between startDate1 and
-// startDate2
+// Takes all the status info received from the client and puts it into an object
+// for convenience and to make it easier to expand. Returns said object.
+var
+  info: TStatusSearchInfo;
+  filterValue: string;
+  parts: TArray<string>;
 begin
-  result := TStatusSearchInfo.Create;
-  result.startDate := params.Values['startDate' + statusNum];
-  result.endDate := params.Values['endDate' + statusNum];
-  if params.Values['null' + statusNum] <> '' then
-    result.null := StrToBool(params.Values['null' + statusNum]);
-
-  result.statusType := '';
-  result.filterType := '';
-  result.statusSuffix := '';
-  if ( ( params.Values['filterType'  + statusNum] <> '' ) and ( params.Values['filterType'  + statusNum] <> 'NONE' ) ) then
-  begin
-    result.statusType := params.Values['filterType'  + statusNum].Split([' '])[0];
-    result.statusSuffix := params.Values['filterType'  + statusNum].Split([' '])[1];
-    result.filterType := result.statusType + '_' + result.statusSuffix;
-  end;
+  info := TStatusSearchInfo.Create;
+  logger.log(3, 'TLookupService.createStatusSearchInfo');
+  try
+    info.startDate := params.Values['startDate' + statusNum];
+    info.endDate := params.Values['endDate' + statusNum];

-  // Figure out what table the status belongs to
-  if result.statusSuffix = 'DUE' then
-  begin
-    result.statusTableShort := 'oss';
-    result.statusTableLong := 'orders_status_schedule';
-    result.altStatusTableShort := 'os';
-    result.altStatusTableLong := 'orders_status';
-  end
-  else
-  begin
-    result.statusTableShort := 'os';
-    result.statusTableLong := 'orders_status';
-    result.altStatusTableShort := 'oss';
-    result.altStatusTableLong := 'orders_status_schedule';
-  end;
+    if params.Values['null' + statusNum] <> '' then
+      info.null := StrToBool(params.Values['null' + statusNum]);
+
+    info.statusType := '';
+    info.filterType := '';
+    info.statusSuffix := '';
+
+    filterValue := params.Values['filterType' + statusNum];
+    if (filterValue <> '') and (filterValue <> 'NONE') then
+    begin
+      parts := filterValue.Split([' ']);
+      if Length(parts) > 0 then
+        info.statusType := parts[0];
+      if Length(parts) > 1 then
+        info.statusSuffix := parts[1];
+
+      if (info.statusType <> '') and (info.statusSuffix <> '') then
+        info.filterType := info.statusType + '_' + info.statusSuffix;
+    end;
+
+    // Figure out what table the status belongs to
+    if info.statusSuffix = 'DUE' then
+    begin
+      info.statusTableShort := 'oss';
+      info.statusTableLong := 'orders_status_schedule';
+      info.altStatusTableShort := 'os';
+      info.altStatusTableLong := 'orders_status';
+    end
+    else
+    begin
+      info.statusTableShort := 'os';
+      info.statusTableLong := 'orders_status';
+      info.altStatusTableShort := 'oss';
+      info.altStatusTableLong := 'orders_status_schedule';
+    end;

+    Result := info; // hand ownership to the caller
+    logger.Log(3, 'StatusSearchInfo generated successfully');
+  except
+    info.Free;      // avoid leak if anything above raises
+    raise;
+  end;
 end;

 function TLookupService.generateStatusWhereSQL(status: TStatusSearchInfo): string;
@@ -1030,95 +1068,106 @@ function TLookupService.generateOrdersSQL(searchOptions: string): TSQLQuery;
 // searchOptions: search information sent form client to be parsed.
 var
  params: TStringList;
-  PageNum, PageSize: integer;
+  PageNum, PageSize: Integer;
  OrderBy, offset, limit: string;
-  SQL, whereSQL, orderBySQL: string;
+  SQL, whereSQL: string;
  OrderID, CompanyID, JobName, orderType: string;
  status1, status2: TStatusSearchInfo;
  ForPDF: Boolean;
  accessRights, userID: string;
+  q: TSQLQuery;
 begin
-  result := TSQLQuery.Create;
+  q := TSQLQuery.Create;
  params := TStringList.Create;
-
+  status1 := nil;
+  status2 := nil;
+  logger.log(3, 'TLookupService.generatingOrdersSQL');
  try
-    params.StrictDelimiter := true;
-    params.Delimiter := '&';
-    params.DelimitedText := searchOptions;
+    try
+      params.StrictDelimiter := True;
+      params.Delimiter := '&';
+      params.DelimitedText := searchOptions;

-    ForPDF := SameText(params.Values['forPDF'], 'true');
+      ForPDF := SameText(params.Values['forPDF'], 'true');

-    if not ForPDF then
-    begin
-      PageNum := StrToIntDef(params.Values['pagenumber'], 1);
-      PageSize := StrToIntDef(params.Values['pagesize'], 500);
-      offset := IntToStr((PageNum - 1) * PageSize);
-      limit := IntToStr(PageSize);
-    end;
+      if not ForPDF then
+      begin
+        PageNum := StrToIntDef(params.Values['pagenumber'], 1);
+        PageSize := StrToIntDef(params.Values['pagesize'], 500);
+        offset := IntToStr((PageNum - 1) * PageSize);
+        limit := IntToStr(PageSize);
+      end;

-    OrderBy := params.Values['orderby'] + ' ' + params.Values['direction'];
-    orderType := params.Values['orderType'].ToLower();
-    OrderID := params.Values['orderID'];
-    companyID := params.Values['companyID'];
-    jobName := params.Values['jobName'];
-    accessRights := params.Values['accessRights'];
-    userID := params.Values['userID'];
-
-    status1 := createStatusSearchInfo(params, '1');
-    status2 := createStatusSearchInfo(params, '2');
-
-    SQL := 'SELECT o.ORDER_ID, c.SHORT_NAME, o.LOCATION AS Loc, c.NAME AS COMPANY_NAME, o.JOB_NAME, o.ORDER_TYPE, o.IN_QB, o.QB_ORDER_NUM,' +
-           generateSubquery('PROOF') +
-           generateSubquery('ART') +
-           generateSubquery('PLATE') +
-           generateSubquery('MOUNT') +
-           generateSubquery('SHIP');
-
-    whereSQL := ' FROM orders o JOIN customers c ON c.CUSTOMER_ID = o.COMPANY_ID ' +
-                'LEFT JOIN qb_sales_orders qb ON qb.ORDER_ID = o.ORDER_ID ' +
-                'LEFT JOIN corrugated_plate_orders cpo ON o.ORDER_ID = cpo.ORDER_ID ' +
-                'LEFT JOIN web_plate_orders wpo ON o.ORDER_ID = wpo.ORDER_ID ' +
-                'LEFT JOIN cutting_die_orders cdo ON o.ORDER_ID = cdo.ORDER_ID WHERE 0 = 0';
-
-    if (status1.filterType <> '') and (status1.filterType <> 'NONE') then
-      whereSQL := whereSQL + generateStatusWhereSQL(status1);
-    if (status2.filterType <> '') and (status2.filterType <> 'NONE') then
-      whereSQL := whereSQL + generateStatusWhereSQL(status2);
-    if (orderType <> '') and (orderType <> 'any') then
-    begin
-      if (orderType <> 'cutting die') then
-        whereSQL := whereSQL + ' AND o.ORDER_TYPE = ' + QuotedStr(orderType + '_plate')
-      else
-        whereSQL := whereSQL + ' AND o.ORDER_TYPE = ' + QuotedStr('cutting_die');
-    end;
-    if OrderID <> '' then
-      whereSQL := whereSQL + ' AND o.ORDER_ID = ' + OrderID;
-    if companyID <> '' then
-      whereSQL := whereSQL + ' AND c.CUSTOMER_ID = ' + companyID;
-    if jobName <> '' then
-      whereSQL := whereSQL + ' AND o.JOB_NAME LIKE ' + QuotedStr('%' + jobName + '%');
-
-    if  accessRights = 'SALES' then
-    begin
-      whereSQL := whereSQL + ' AND c.REP_USER_ID = ' + userID;
-    end;
+      OrderBy := params.Values['orderby'] + ' ' + params.Values['direction'];
+      orderType := params.Values['orderType'].ToLower;
+      OrderID := params.Values['orderID'];
+      CompanyID := params.Values['companyID'];
+      JobName := params.Values['jobName'];
+      accessRights := params.Values['accessRights'];
+      userID := params.Values['userID'];
+
+      status1 := createStatusSearchInfo(params, '1');
+      status2 := createStatusSearchInfo(params, '2');
+
+      SQL := 'SELECT o.ORDER_ID, c.SHORT_NAME, o.LOCATION AS Loc, c.NAME AS COMPANY_NAME, ' +
+             'o.JOB_NAME, o.ORDER_TYPE, o.IN_QB, o.QB_ORDER_NUM,' +
+             generateSubquery('PROOF') +
+             generateSubquery('ART') +
+             generateSubquery('PLATE') +
+             generateSubquery('MOUNT') +
+             generateSubquery('SHIP');
+
+      whereSQL := ' FROM orders o JOIN customers c ON c.CUSTOMER_ID = o.COMPANY_ID ' +
+                  'LEFT JOIN qb_sales_orders qb ON qb.ORDER_ID = o.ORDER_ID ' +
+                  'LEFT JOIN corrugated_plate_orders cpo ON o.ORDER_ID = cpo.ORDER_ID ' +
+                  'LEFT JOIN web_plate_orders wpo ON o.ORDER_ID = wpo.ORDER_ID ' +
+                  'LEFT JOIN cutting_die_orders cdo ON o.ORDER_ID = cdo.ORDER_ID WHERE 0 = 0';
+
+      if (status1.filterType <> '') and (status1.filterType <> 'NONE') then
+        whereSQL := whereSQL + generateStatusWhereSQL(status1);
+      if (status2.filterType <> '') and (status2.filterType <> 'NONE') then
+        whereSQL := whereSQL + generateStatusWhereSQL(status2);
+
+      if (orderType <> '') and (orderType <> 'any') then
+      begin
+        if orderType <> 'cutting die' then
+          whereSQL := whereSQL + ' AND o.ORDER_TYPE = ' + QuotedStr(orderType + '_plate')
+        else
+          whereSQL := whereSQL + ' AND o.ORDER_TYPE = ' + QuotedStr('cutting_die');
+      end;

+      if OrderID <> '' then
+        whereSQL := whereSQL + ' AND o.ORDER_ID = ' + OrderID;
+      if CompanyID <> '' then
+        whereSQL := whereSQL + ' AND c.CUSTOMER_ID = ' + CompanyID;
+      if JobName <> '' then
+        whereSQL := whereSQL + ' AND o.JOB_NAME LIKE ' + QuotedStr('%' + JobName + '%');

-    orderBySQL := ' ORDER BY ' + OrderBy;
+      if accessRights = 'SALES' then
+        whereSQL := whereSQL + ' AND c.REP_USER_ID = ' + userID;

-    SQL := SQL + ' o.PRICE, qb.QB_REF_NUM, ' +
-                 'COALESCE(cpo.staff_fields_po_number, wpo.staff_fields_po_number, cdo.staff_fields_po_number) AS po_number, ' +
-                 'COALESCE(cpo.staff_fields_quickbooks_item, wpo.staff_fields_quickbooks_item, cdo.staff_fields_quickbooks_item) AS quickbooks_item, ' +
-                 'COALESCE(cpo.staff_fields_order_date, wpo.staff_fields_order_date, cdo.staff_fields_order_date) AS ORDER_DATE ';
+      SQL := SQL + ' o.PRICE, qb.QB_REF_NUM, ' +
+                   'COALESCE(cpo.staff_fields_po_number, wpo.staff_fields_po_number, cdo.staff_fields_po_number) AS po_number, ' +
+                   'COALESCE(cpo.staff_fields_quickbooks_item, wpo.staff_fields_quickbooks_item, cdo.staff_fields_quickbooks_item) AS quickbooks_item, ' +
+                   'COALESCE(cpo.staff_fields_order_date, wpo.staff_fields_order_date, cdo.staff_fields_order_date) AS ORDER_DATE ';

-    if not ForPDF then
-      SQL := SQL + whereSQL + orderBySQL + ' LIMIT ' + limit + ' OFFSET ' + offset
-    else
-      SQL := SQL + whereSQL + orderBySQL;
+      if not ForPDF then
+        SQL := SQL + whereSQL + ' ORDER BY ' + OrderBy + ' LIMIT ' + limit + ' OFFSET ' + offset
+      else
+        SQL := SQL + whereSQL + ' ORDER BY ' + OrderBy;
+
+      q.SQL := SQL;
+      q.whereSQL := whereSQL;

-    result.SQL := SQL;
-    result.whereSQL := whereSQL;
+      Result := q; // hand ownership of q to the caller
+      logger.Log(4, 'Successfully generated orders SQL');
+    except
+      q.Free;      // only if we never handed it to the caller
+      raise;
+    end;
  finally
+    status1.Free;
+    status2.Free;
    params.Free;
  end;
 end;
@@ -1232,11 +1281,11 @@ begin
    doQuery(ordersDB.UniQuery1, SQL);
    Result.count := ordersDB.UniQuery1.FieldByName('total_count').AsInteger;
    ordersDB.UniQuery1.Close;
-
+    logger.Log(4, 'Orders successfully retrieved');
  except
    on E: Exception do
    begin
-      Logger.Log(2, 'Error in GetOrders: ' + E.Message);
+      Logger.Log(1, 'Error in GetOrders: ' + E.Message);
      raise EXDataHttpException.Create(500, 'Unable to retrieve order list: A KG Orders database issue has occurred!');
    end;
  end;
@@ -1343,6 +1392,7 @@ begin
    result.general_special_instructions := ordersDB.UniQuery1.FieldByName('general_special_instructions').AsString;

    ordersDB.UniQuery1.Close;
+    logger.Log(4, 'Corrugated order successfully retrieved');
  except
    on E: Exception do
    begin
@@ -1469,6 +1519,7 @@ begin
    result.general_comments := ordersDB.UniQuery1.FieldByName('general_comments').AsString;

    ordersDB.UniQuery1.Close;
+    logger.Log(4, 'Web plate order successfully retrieved');
  except
    on E: Exception do
    begin
@@ -1517,10 +1568,12 @@ begin

    ordersDB.UniQuery1.Close;

+    logger.Log(4, 'Cutting Die order successfully retrieved');
+
  except
    on E: Exception do
    begin
-      logger.Log(2, 'An Error has occurred in TLookupSerivceImpl.GetCuttingDieOrder: ' + E.Message);
+      logger.Log(1, 'An Error has occurred in TLookupSerivceImpl.GetCuttingDieOrder: ' + E.Message);
      raise EXDataHttpException.Create(500, 'Could not retrieve cutting die order: A KG Orders database issue has occurred!');
    end;
  end;
@@ -1588,6 +1641,8 @@ begin
      doQuery(ordersDB.UniQuery1, SQL);
      Result.count := ordersDB.UniQuery1.FieldByName('total_count').AsInteger;
      ordersDB.UniQuery1.Close;
+
+      logger.Log(4, 'Items list successfully retrieved');
    except
      on E: Exception do
      begin
@@ -1658,6 +1713,7 @@ begin
    ordersDB.UniQuery1.Open;
    Result.count := ordersDB.UniQuery1.FieldByName('total_count').AsInteger;
    ordersDB.UniQuery1.Close;
+    logger.Log(4, 'Users list successfully retrieved');
  except
    on E: Exception do
    begin
@@ -1752,6 +1808,7 @@ begin

      ordersDB.UniQuery1.Post;
      Result := 'Success: User Successfully Edited';
+      logger.Log(4, 'User Successfully Edited');
    end;
    ordersDB.UniQuery1.Close;
  finally
@@ -1763,6 +1820,7 @@ procedure TLookupService.AddToOrdersTable(mode, ORDER_TYPE: string; JSONData: TJ
 var
 SQL: string;
 begin
+  logger.Log(3, 'TLookupService.AddToOrdersTable');
  if mode = 'ADD' then
    begin
      SQL := 'select * from orders where ORDER_ID = 0 and ORDER_ID <> 0';
@@ -1794,6 +1852,7 @@ begin
    ordersDB.UniQuery1.Post;

    ordersDB.UniQuery1.Close;
+    logger.log(4, 'Order successfully added to orders table');
 end;

 function TLookupService.AddCorrugatedOrder(orderInfo: string): TJSONObject;
@@ -1882,6 +1941,7 @@ begin
    else
      msg := 'Success: Order Successfully Edited';

+    logger.Log(4, msg);
    Result := JSONData;
    Result.AddPair('status', msg);
    Result.AddPair('ORDER_ID', ORDER_ID);
@@ -1941,6 +2001,7 @@ begin

  ordersDB.uqOrdersStatusSchedule.Post;

+  logger.Log(4, 'Status schedule succesfully added');
  Result := 'success';
 end;

@@ -1976,6 +2037,8 @@ begin
      SQL := 'select * from orders_status where ORDER_ID = ' + IntToStr(ORDER_ID) + ' AND ' +
              'ORDER_STATUS = ' + quotedStr(Status);

+      logger.log(5, 'Retrieving order status with SQL: ' + SQL);
+
      doQuery(ordersDB.UniQuery1, SQL);

      if ordersDB.UniQuery1.IsEmpty then
@@ -1999,6 +2062,7 @@ begin
      end;

      ordersDB.UniQuery1.Post;
+      logger.Log(4, 'Order Status successfully posted to database');

      if StatusInfo.GetValue<string>('staff_fields_ship_date') <> '12/30/1899' then
        AddStatusSchedule('SHIP', StatusInfo, ORDER_ID);
@@ -2024,6 +2088,7 @@ begin

          SQL := 'select * from ' + table + ' where ORDER_ID = ' + IntToStr(ORDER_ID);
          doQuery(OrdersDB.UniQuery1, SQL);
+          logger.Log(4, 'Updating Orders status as well with SQL: ' + SQL);
          OrdersDB.UniQuery1.Edit;

          if StatusInfo.GetValue<string>('staff_fields_ship_date') <> '12/30/1899' then
@@ -2035,7 +2100,7 @@ begin
          if StatusInfo.GetValue<string>('staff_fields_mount_due') <> '12/30/1899' then
            OrdersDB.UniQuery1.FieldByName('staff_fields_mount_due').AsString := StatusInfo.GetValue<string>('staff_fields_mount_due');
          OrdersDB.UniQuery1.Post;
-
+          logger.Log(4, 'Order status successfully set');
        finally
          order.Free;
        end;
@@ -2120,6 +2185,8 @@ begin
      end
      else
        Result := 'Failure: Username already taken';
+
+      logger.Log(4, Result);
    except
      on E: Exception do
      begin
@@ -2199,9 +2266,11 @@ begin

        ordersDB.UniQuery1.Post;
        Result.AddPair('msg', 'Success: Item successfully edited');
-      end;
-
+      end
+      else
+        result.AddPair('msg', 'Failure: Item does not exist');

+      logger.Log(4, result.GetValue('msg').Value);
    end;
    except
    on E: Exception do
@@ -2320,6 +2389,7 @@ begin
      msg := 'Success: Order Successfully Added'
    else
      msg := 'Success: Order Successfully Edited';
+    logger.Log(4, msg);

    Result := JSONData;
    Result.AddPair('status', msg);
@@ -2414,6 +2484,7 @@ begin
      msg := 'Success: Order Successfully Added'
    else
      msg := 'Success: Order Successfully Edited';
+    logger.Log(4, msg);

    Result := JSONData;
    Result.AddPair('status', msg);
@@ -2476,6 +2547,8 @@ begin
    SQL := 'SELECT * FROM ' + table + ' WHERE ORDER_ID = ' + IntToStr(OrderIDInt);
    doQuery(OrdersDB.UniQuery1, SQL);

+    //convert the order into a JSON object to put it in the database using existing code
+    logger.Log(4, 'Adding order into the revisions table before deleting...');
    stream := TStringStream.Create('', TEncoding.UTF8);
    try
      OrdersDB.UniQuery1.SaveToJSON(stream);
@@ -2528,7 +2601,7 @@ begin
      OrdersDB.UniQuery1.FieldByName('ORDER_REVISION_ID').AsInteger := RevisionID;
      OrdersDB.UniQuery1.FieldByName('REVISION_USER_ID').AsString := UserID;
      OrdersDB.UniQuery1.Post;
-
+      logger.Log(4, 'Order successfully added into revision table, beginning deletion');
    finally
      stream.Free;
      JSONValue.Free;
@@ -2548,7 +2621,7 @@ begin
    Result.AddPair('status', 'success');
    Result.AddPair('OrderID', IntToStr(OrderIDInt));
    TXDataOperationContext.Current.Handler.ManagedObjects.Add(Result);
-
+    logger.log(4, 'order successfully deleted');
  except
    on E: Exception do
    begin

--- a/kgOrdersServer/bin/kgOrdersServer.ini
+++ b/kgOrdersServer/bin/kgOrdersServer.ini
@@ -2,7 +2,7 @@
 MemoLogLevel=4
 FileLogLevel=4
 webClientVersion=0.9.11
-LogFileNum=171
+LogFileNum=175

 [Database]
 --Server=192.168.116.132