ordersprinter/php/printqueue.php

<?php
// Datenbank-Verbindungsparameter
require_once ('config.php');
require_once ('globals.php');
require_once ('dbutils.php');

class PrintQueue {
	var $dbutils;
	var $userrights;
	
	function __construct() {
		$this->dbutils = new DbUtils();
		$this->userrights = new Userrights();
	}
	
	function handleCommand($command) {
		// these command are only allowed for user with waiter rights
		if ($command == 'queuePrintJob') {
			$this->queuePrintJob($_POST['content'],$_POST['type']);
		} else if ($command == 'getNextPrintJob') {
			$this->getNextPrintJob($_POST['pass']);
		} else if ($command == 'deletePrintJob') {
			$this->deletePrintJob($_POST['pass'],$_POST['id']);
		} else if ($command == 'getPrintJobAsHtml') {
			$this->getPrintJobAsHtml($_GET['id'],$_POST['pass']);
		} else if ($command == 'getNextPrintJobIdType') {
			$this->getNextPrintJobIdType($_POST['pass']);
		} else {
			echo "Kommando nicht erkannt!";
		}
	}
	
	/*
	 * Insert a job into ther printjob queue. The POS Print Server will
	 * pick these jobs and delete them after successful printing
	 */
	function queuePrintJob($htmlContent,$printType) {
		if (($printType == FOOD_PRINT_TYPE) || ($printType == DRINK_PRINT_TYPE)){
			// waiter rights required
			if (!($this->userrights->hasCurrentUserRight('right_waiter'))) {
				echo "Benutzerrechte nicht ausreichend!";
				return false;
			}
		}
		if ($printType == PAY_PRINT_TYPE){
			// waiter, or manager, bill, admin rights required
			if (!($this->userrights->hasCurrentUserRight('right_paydesk')) &&
					!($this->userrights->hasCurrentUserRight('right_manager')) &&
					!($this->userrights->hasCurrentUserRight('right_bill')) &&
					!($this->userrights->hasCurrentUserRight('right_waiter')) &&
					!($this->userrights->hasCurrentUserRight('is_admin'))
					) {
				echo "Benutzerrechte nicht ausreichend!";
				return false;
			}
		}
		
		// from here on user is authorized
		$printInsertSql = "INSERT INTO `%printjobs%` (`id` , `content`,`type`) VALUES ( NULL, '$htmlContent' , '$printType')";
		$dbresult = $this->dbutils->performSqlCommand($printInsertSql);
		echo json_encode("OK");
	}
	
	
	function isPasswordCorrect($pass) {
		$sql = "SELECT setting FROM %config% WHERE name=?";
		$pdo = $this->dbutils->openDbAndReturnPdo();
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute(array("printpass"));
		$row =$stmt->fetchObject();

		if ($row != null) {
			$passInDb = $row->setting;
			if ($passInDb != null) {
				// plain comparison
				if ($pass == $passInDb) {
					return true;
				} else {
					echo "Error: Falscher Printpass!";
				}
			} else {
				echo "Error: kein Printpass in DB gesetzt!";
			}
		}
		echo "Error: DB konnte nicht abgefragt werden!";
		return false;
	}
	
	function getNextPrintJob($pass) {
		$isCorrect = $this->isPasswordCorrect($pass);
		if ($isCorrect) {
			$sql = "SELECT id,content,type FROM %printjobs% ORDER BY id ASC LIMIT 1";
			
			$pdo = $this->dbutils->openDbAndReturnPdo();
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
			$stmt->execute();
			$row =$stmt->fetchObject();
			if ($row != null) {
				echo json_encode(array("id" => $row->id, "content" => $row->content, "type" => $row->type));
			}
		}
	}
	
	function getNextPrintJobIdType($md5pass) {
		$isCorrect = $this->isPasswordCorrect($md5pass);
		if ($isCorrect) {
				
			$sql = "SELECT id,type FROM %printjobs% ORDER BY id ASC LIMIT 1";
			$pdo = $this->dbutils->openDbAndReturnPdo();
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
			$stmt->execute();
			$row =$stmt->fetchObject();
			if ($row != null) {
				$id = $row->id;
				$theType = $row->type;
				if ($id != null) {
					header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" );
					header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
					header( "Cache-Control: no-cache, must-revalidate" );
					header( "Pragma: no-cache" );
					header( "Content-Type: text/html; charset=utf8" );
					echo "<html><body>" . $id . "-" . $theType . "</body></html>";
				}
			}
		}
	}
	
	function getPrintJobAsHtml($id,$md5pass) {
		$isCorrect = $this->isPasswordCorrect($md5pass);
		if ($isCorrect) {
			$sql = "SELECT content FROM %printjobs% WHERE id=?";
			$pdo = $this->dbutils->openDbAndReturnPdo();
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
			$stmt->execute(array($id));
			$row =$stmt->fetchObject();
			if ($row != null) {
				$content = $row->content;
				if ($content != null)
				{
					header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" );
					header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
					header( "Cache-Control: no-cache, must-revalidate" );
					header( "Pragma: no-cache" );
					header( "Content-Type: text/html; charset=utf8" );
					echo "<html><body>" . $content . "</body></html>";
				}
			}
		}
	}
	
	function deletePrintJob($pass,$id) {
		$isCorrect = $this->isPasswordCorrect($pass);
		if ($isCorrect) {
			$sql = "DELETE FROM %printjobs% WHERE id=?";
			$pdo = $this->dbutils->openDbAndReturnPdo();
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
			$stmt->execute(array($id));
		}
	}
}
?>