ordersprinter/webapp/php/feedback.php

227 lines
6.9 KiB
PHP
Raw Permalink Normal View History

2020-11-19 22:44:19 +01:00
<?php
require_once ('dbutils.php');
2020-11-19 22:47:44 +01:00
require_once ('utilities/Emailer.php');
2020-11-19 22:44:19 +01:00
class Feedback {
var $dbutils;
function __construct() {
$this->dbutils = new DbUtils();
}
function handleCommand($command) {
2020-11-19 23:12:30 +01:00
if (!$this->isUserAlreadyLoggedInForPhp()) {
echo json_encode(array("status" => "ERROR","msg" => "Fehler: Benutzer nicht eingeloggt!"));
return;
2020-11-19 22:44:19 +01:00
}
2020-11-19 23:12:30 +01:00
if ($command == 'sendMail') {
$pdo = DbUtils::openDbAndReturnPdoStatic();
$this->sendMail($pdo,$_POST['role'],$_POST['topic'],$_POST['email'],$_POST['tel'],$_POST['allowSendRights'],$_POST['content']);
} else if ($command == 'getErrorLog') {
$pdo = DbUtils::openDbAndReturnPdoStatic();
$errorlog = $this->getErrorLog($pdo);
echo json_encode($errorlog);
} else if ($command == 'sendErrorLog') {
$pdo = DbUtils::openDbAndReturnPdoStatic();
$answer = self::sendErrorLog($pdo,$_POST['errorlog'],$_POST['contactinfo'],$_POST['remark']);
echo $answer;
} else {
2020-11-19 22:44:19 +01:00
echo "Kommando nicht unterstuetzt.";
2020-11-19 23:10:26 +01:00
}
2020-11-19 22:44:19 +01:00
}
function isUserAlreadyLoggedInForPhp() {
2020-11-19 23:10:26 +01:00
if(session_id() == '') {
session_start();
}
2020-11-19 22:44:19 +01:00
if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
return false;
} else {
return true;
}
}
2020-11-19 22:47:44 +01:00
2020-11-19 23:10:26 +01:00
function spamcheck($field) {
// Sanitize e-mail address
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
// Validate e-mail address
if(filter_var($field, FILTER_VALIDATE_EMAIL)) {
return TRUE;
} else {
return FALSE;
}
2020-11-19 22:44:19 +01:00
}
function sqlresult($pdo,$sql,$sqlval) {
2020-11-19 23:10:26 +01:00
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute();
$row =$stmt->fetchObject();
if ($row != null) {
return($row->$sqlval);
2020-11-19 22:44:19 +01:00
} else {
return 0;
}
}
2020-11-19 23:12:30 +01:00
function getdbinfo($pdo) {
2020-11-19 22:44:19 +01:00
$info = "\n\nWaiting print jobs:\n";
// workprintjobswaiting
$foodjobs = $this->sqlresult($pdo,"select count(id) as number from %printjobs% where type=1","number");
$drinkjobs = $this->sqlresult($pdo,"select count(id) as number from %printjobs% where type=2","number");
$payjobs = $this->sqlresult($pdo,"select count(id) as number from %printjobs% where type=3","number");
2020-11-19 23:10:26 +01:00
$info .= "Fs: $foodjobs\n";
$info .= "Ds: $drinkjobs\n";
$info .= "Rs: $payjobs\n\n";
2020-11-19 22:44:19 +01:00
// db sizes
$info .= $this->getDatabaseSizes($pdo);
return $info;
}
function getDatabaseSizes($pdo) {
$sql = 'SELECT table_schema "Data Base Name",
sum( data_length + index_length ) / 1024 / 1024 "Data Base Size in MB",
sum( data_free )/ 1024 / 1024 "Free Space in MB"
FROM information_schema.TABLES
GROUP BY table_schema';
$pdo = $this->dbutils->openDbAndReturnPdo();
2020-11-19 23:10:26 +01:00
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute();
$result = $stmt->fetchAll();
$dbInfo = "DB-info:\n";
2020-11-19 22:44:19 +01:00
foreach($result as $row) {
2020-11-19 23:10:26 +01:00
$dbInfo .= "DB '$row[0]', db (MB): $row[1], free (MB): $row[2]\n";
2020-11-19 22:44:19 +01:00
}
return $dbInfo;
}
2020-11-19 23:12:30 +01:00
function sendMail($pdo,$role,$topic,$email,$tel,$allowSendRights,$content) {
2020-11-19 22:47:44 +01:00
2020-11-19 22:44:19 +01:00
$rights = "Keine Rechteinformation";
2020-11-19 23:12:30 +01:00
$version = CommonUtils::getConfigValue($pdo, 'version', '');
2020-11-19 23:10:26 +01:00
2020-11-19 23:12:30 +01:00
if ($allowSendRights) {
$rights = "UID=" . $_SESSION['userid'] . "\n";
$rights .= "UN=" . $_SESSION['currentuser'] . "\n";
$rights .= " RA=" . ($_SESSION['is_admin'] ? "1" : "0") . "\n";
$rights .= " RW=" . ($_SESSION['right_waiter'] ? "1" : "0") . "\n";
$rights .= " RPay=" . ($_SESSION['right_paydesk'] ? "1" : "0") . "\n";
$rights .= " RB=" . ($_SESSION['right_bill'] ? "1" : "0") . "\n";
$rights .= " RProd = " . ($_SESSION['right_products'] ? "1" : "0") . "\n";
$rights .= " RM=" . ($_SESSION['right_manager'] ? "1" : "0");
$rights .= $this->getdbinfo($pdo);
2020-11-19 22:44:19 +01:00
}
2020-11-19 23:12:30 +01:00
$server = $_SERVER['HTTP_USER_AGENT'];
$msg = "\nEmail:$email\nTel.:$tel\nNachricht:$content\nRolle:$role\nRechte:$rights\nServer:$server\n\nVersion:$version\n";
$version = CommonUtils::getConfigValue($pdo, 'version', 'no-version');
$ok = $this->sendFeedbackToServer($topic, $msg, $version);
echo json_encode($ok);
2020-11-19 22:44:19 +01:00
}
2020-11-19 23:10:26 +01:00
function sendFeedbackToServer($topic, $msg, $version) {
$cmd = '';
$fct = 'Feedback-Form';
$xhr = $msg;
$errormsg = $topic;
$status = '';
$phpversion = phpversion();
$arr = array("cmd" => $cmd, "fct" => $fct, "xhr" => $xhr, "errormsg" => $errormsg, "status" => $status, "version" => $version, "phpversion" => $phpversion);
$url = "http://www.ordersprinter.de/debug/save.php?cmd=save";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
$query = http_build_query($arr);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$server_output = curl_exec ($ch);
if($server_output === false)
{
$msg = 'Curl-Fehler: ' . curl_error($ch);
curl_close ($ch);
return array("status" => "ERROR","msg" => $msg);
} else {
curl_close ($ch);
return array("status" => "OK");
}
}
2020-11-19 23:12:30 +01:00
private function getErrorLog($pdo) {
$showErrorLog = CommonUtils::getConfigValue($pdo, "showerrorlog", 0);
if ($showErrorLog != 1) {
return array("status" => "ERROR", "msg" => "Benutzer dürfen entsprechend der eingestellten Konfiguration nicht auf das Error.log des Webservers zugreifen.");
}
$batchFile = "";
if (stripos(PHP_OS, 'win') === 0) {
$batchFile = "errorlog_windows.bat";
} elseif (stripos(PHP_OS, 'linux') === 0) {
$batchFile = "errorlog_linux.sh";
}
if ($batchFile == "") {
return array("status" => "ERROR", "msg" => "Betriebssystem nicht erkannt oder nicht unterstützt: " . PHP_OS);
}
$batchOutput = shell_exec("utilities/$batchFile");
if ($batchOutput == "") {
return array("status" => "ERROR", "msg" => "Error.log leer oder keine Lesezugriff.");
}
$maxSize = 20 * 1024;
if (strlen($batchOutput) > $maxSize) {
$batchOutput = substr($batchOutput, 0-$maxSize);
}
$companyinfo = CommonUtils::getConfigValue($pdo, "companyinfo", "");
$ret = array("log" => $batchOutput, "companyinfo" => $companyinfo);
return array("status" => "OK", "msg" => $ret);
}
private static function sendErrorLog($pdo, $errorlog, $contactinfo, $remark) {
$companyInfo = CommonUtils::getConfigValue($pdo, 'companyinfo', '');
$version = CommonUtils::getConfigValue($pdo, 'version', '');
$phpversion = phpversion();
$arr = array(
"errorlog" => $errorlog,
"contactinfo" => $contactinfo,
"remark" => $remark,
"companyInfo" => $companyInfo,
"version" => $version,
"phpversion" => $phpversion);
$url = "http://www.ordersprinter.de/debug/save.php?cmd=saveerrorlog";
$query = http_build_query($arr);
$opts = array(
'http' => array(
'header' => "Content-Type: application/x-www-form-urlencoded\r\n" .
"Content-Length: " . strlen($query) . "\r\n" .
"User-Agent:MyAgent/1.0\r\n",
'method' => 'POST',
'content' => $query
)
);
$context = stream_context_create($opts);
$ret = file_get_contents($url, false, $context);
return $ret;
}
2020-11-19 23:10:26 +01:00
2020-11-19 23:12:30 +01:00
}