ordersprinter/webapp/php/reservation.php

177 lines
6.3 KiB
PHP
Raw Normal View History

2020-11-19 22:47:44 +01:00
<?php
require_once ('dbutils.php');
require_once ('utilities/Emailer.php');
class Reservation {
var $dbutils;
function __construct() {
$this->dbutils = new DbUtils();
}
function handleCommand($command) {
if (!$this->isUserAlreadyLoggedInForPhpAndMayReserve()) {
echo json_encode(array("status" => "ERROR", "code" => ERROR_RES_NOT_AUTHOTRIZED, "msg" => ERROR_RES_NOT_AUTHOTRIZED_MSG));
} else {
if ($command == 'createReservation') {
$this->createReservation($_POST['day'],$_POST['month'],$_POST['year'],$_POST['start'],$_POST['name'],$_POST['email'],$_POST['persons'],$_POST['duration'],$_POST['phone'],$_POST['remark']);
} else if ($command == 'getReservations') {
$this->getReservations($_GET['day'],$_GET['month'],$_GET['year']);
} else if ($command == 'changeReservation') {
$this->changeReservation($_POST['id'],$_POST['day'],$_POST['month'],$_POST['year'],$_POST['start'],$_POST['name'],$_POST['email'],$_POST['persons'],$_POST['duration'],$_POST['phone'],$_POST['remark']);
} else if ($command == 'delReservation') {
$this->delReservation($_POST['id']);
} else if ($command == 'emailConfirmReservation') {
$this->emailConfirmReservation($_POST['to'],$_POST['msg']);
}
else {
echo "Kommando nicht unterstuetzt.";
}
}
}
function isUserAlreadyLoggedInForPhpAndMayReserve() {
if(session_id() == '') {
session_start();
}
if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
return false;
} else {
return ($_SESSION['right_reservation']);
}
}
private function createReservation($day,$month,$year,$start,$name,$email,$persons,$duration,$phone,$remark) {
$userid = $_SESSION['userid'];
date_default_timezone_set(DbUtils::getTimeZone());
$currentTime = date('Y-m-d H:i:s');
$scheduledDate = "$year-$month-$day 00:00:00";
try {
$pdo = $this->dbutils->openDbAndReturnPdo();
$pdo->beginTransaction();
$sql = "INSERT INTO `%reservations%` (
`id` , `creator`,`creationdate`,`scheduledate`,`name`,`email`,`starttime`,`duration`,`persons`,`phone`,`remark`)
VALUES (
NULL , ?,?,?,?,?,?,?,?,?,?)";
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute(array($userid,$currentTime,$scheduledDate,$name,$email,$start,$duration,$persons,$phone,$remark));
$pdo->commit();
echo json_encode(array("status" => "OK"));
}
catch (PDOException $e) {
$pdo->rollBack();
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
private function changeReservation($id,$day,$month,$year,$start,$name,$email,$persons,$duration,$phone,$remark) {
$userid = $_SESSION['userid'];
date_default_timezone_set(DbUtils::getTimeZone());
$currentTime = date('Y-m-d H:i:s');
$scheduledDate = "$year-$month-$day 00:00:00";
try {
$pdo = $this->dbutils->openDbAndReturnPdo();
$pdo->beginTransaction();
$sql = "UPDATE `%reservations%` SET creator=?,creationdate=?,scheduledate=?,name=?,email=?,starttime=?,duration=?,persons=?,phone=?,remark=? WHERE id=?";
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute(array($userid,$currentTime,$scheduledDate,$name,$email,$start,$duration,$persons,$phone,$remark,$id));
$pdo->commit();
echo json_encode(array("status" => "OK"));
}
catch (PDOException $e) {
$pdo->rollBack();
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
private function delReservation($id) {
try {
$pdo = $this->dbutils->openDbAndReturnPdo();
$pdo->beginTransaction();
$sql = "DELETE FROM `%reservations%` WHERE id=?";
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute(array($id));
$pdo->commit();
echo json_encode(array("status" => "OK"));
}
catch (PDOException $e) {
$pdo->rollBack();
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
private function emailConfirmReservation($toEmail,$msg) {
// first find sender email
$pdo = $this->dbutils->openDbAndReturnPdo();
$msg = str_replace("\n", "\r\n", $msg);
$topictxt = "Reservierungsbestätigung\r\n";
if (Emailer::sendEmail($pdo, $msg, $toEmail, $topictxt)) {
echo json_encode("OK");
} else {
echo json_encode("ERROR");
}
}
private function getGeneralItemFromDbWithPdo($pdo,$field) {
$aValue="";
$sql = "SELECT setting FROM %config% where name='$field'";
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute();
$row =$stmt->fetchObject();
if ($row != null) {
$aValue = $row->setting;
}
return $aValue;
}
private function getReservations($day,$month,$year) {
$day = sprintf("%02s", $day);
$month = sprintf("%02s", $month);
$scheduledDate = "$year-$month-$day 00:00:00";
try {
$pdo = $this->dbutils->openDbAndReturnPdo();
$sql = "SELECT DISTINCT %reservations%.id,%user%.username as username,creationdate,scheduledate,starttime,name,email,persons,duration,phone,remark FROM %reservations%,%user% WHERE scheduledate=? AND %reservations%.creator=%user%.id ORDER BY starttime";
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute(array($scheduledDate));
$result = $stmt->fetchAll();
$resArray = array();
foreach($result as $row) {
$datetimeparts = explode(" ",$row['scheduledate']);
$thedate = $datetimeparts[0];
$thedateparts = explode("-",$thedate);
$resArray[] = array(
"id" => $row['id'],
"creator" => $row['username'],
"creationdate" => $row['creationdate'],
"day" => $thedateparts[2],
"month" => $thedateparts[1],
"year" => $thedateparts[0],
"start" => $row['starttime'],
"guest" => $row['name'],
"email" => $row['email'],
"persons" => $row['persons'],
"duration" => $row['duration'],
"phone" => $row['phone'],
"remark" => $row['remark'],
);
}
echo json_encode(array("status" => "OK", "msg" => $resArray));
}
catch (PDOException $e) {
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
}
?>