<?php
require_once ('dbutils.php');
require_once ('utilities/Emailer.php');
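/**
 * Request handler for table reservations.
 *
 * Every command is gated on the PHP session: the user must be logged in
 * ($_SESSION['angemeldet']) and hold the reservation right
 * ($_SESSION['right_reservation']). Results are written to the response body
 * as JSON via echo; the methods themselves return nothing.
 *
 * The ERROR_* constants and the DbUtils / Emailer classes are not defined in
 * this file; presumably they come from the two files required at the top.
 */
class Reservation {
    /** @var DbUtils Database helper used to open connections and to resolve %table% placeholders. */
    public $dbutils;

    /**
     * Creates the handler with a fresh DbUtils helper.
     */
    public function __construct() {
        $this->dbutils = new DbUtils();
    }

    /**
     * Dispatches one reservation command after checking the session.
     *
     * Supported commands: createReservation, changeReservation, delReservation,
     * emailConfirmReservation (parameters read from $_POST) and getReservations
     * (parameters read from $_GET). Any other value produces a plain-text
     * "unsupported command" message.
     *
     * NOTE(review): the state-changing commands are authorised by the session
     * alone; no anti-CSRF token check is visible in this class. Confirm that
     * the caller enforces one.
     *
     * @param string $command Name of the command to execute.
     * @return void
     */
    public function handleCommand($command) {
        if (!$this->isUserAlreadyLoggedInForPhpAndMayReserve()) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_RES_NOT_AUTHOTRIZED, "msg" => ERROR_RES_NOT_AUTHOTRIZED_MSG));
            return;
        }

        // Strict comparison: with "==" a non-string command such as integer 0
        // matches the first branch on older PHP versions.
        if ($command === 'createReservation') {
            $this->createReservation(
                self::requestValue($_POST, 'day'),
                self::requestValue($_POST, 'month'),
                self::requestValue($_POST, 'year'),
                self::requestValue($_POST, 'start'),
                self::requestValue($_POST, 'name'),
                self::requestValue($_POST, 'email'),
                self::requestValue($_POST, 'persons'),
                self::requestValue($_POST, 'duration'),
                self::requestValue($_POST, 'phone'),
                self::requestValue($_POST, 'remark')
            );
        } else if ($command === 'getReservations') {
            $this->getReservations(
                self::requestValue($_GET, 'day'),
                self::requestValue($_GET, 'month'),
                self::requestValue($_GET, 'year')
            );
        } else if ($command === 'changeReservation') {
            $this->changeReservation(
                self::requestValue($_POST, 'id'),
                self::requestValue($_POST, 'day'),
                self::requestValue($_POST, 'month'),
                self::requestValue($_POST, 'year'),
                self::requestValue($_POST, 'start'),
                self::requestValue($_POST, 'name'),
                self::requestValue($_POST, 'email'),
                self::requestValue($_POST, 'persons'),
                self::requestValue($_POST, 'duration'),
                self::requestValue($_POST, 'phone'),
                self::requestValue($_POST, 'remark')
            );
        } else if ($command === 'delReservation') {
            $this->delReservation(self::requestValue($_POST, 'id'));
        } else if ($command === 'emailConfirmReservation') {
            $this->emailConfirmReservation(
                self::requestValue($_POST, 'to'),
                self::requestValue($_POST, 'msg')
            );
        } else {
            echo "Kommando nicht unterstuetzt.";
        }
    }

    /**
     * Reads one request parameter without raising an undefined-index warning.
     *
     * A warning printed in front of the JSON body would make the response
     * unparsable for the client. Array-valued parameters (e.g. "day[]=1") are
     * treated like missing ones so that only strings reach the SQL bindings.
     *
     * @param array  $source Request array, i.e. $_POST or $_GET.
     * @param string $key    Parameter name.
     * @return string|null The submitted string, or null if absent or not a string.
     */
    private static function requestValue($source, $key) {
        return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : null;
    }

    /**
     * Tells whether the current session belongs to a logged-in user who holds
     * the reservation right. Starts the session if none is active yet.
     *
     * @return mixed false when not logged in or the right is not set, otherwise
     *               the stored value of $_SESSION['right_reservation'].
     */
    public function isUserAlreadyLoggedInForPhpAndMayReserve() {
        if (session_id() == '') {
            session_start();
        }
        if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
            return false;
        }
        // A session without the key is treated as "right not granted" instead
        // of raising an undefined-index warning.
        return isset($_SESSION['right_reservation']) ? $_SESSION['right_reservation'] : false;
    }

    /**
     * Rolls back the open transaction, if there is one.
     *
     * The catch blocks can be reached before a connection exists or before a
     * transaction was started; calling rollBack() unconditionally would then
     * fail a second time and suppress the JSON error response.
     *
     * @param PDO|null $pdo Connection as far as it was established.
     * @return void
     */
    private function rollBackIfOpen($pdo) {
        if ($pdo instanceof PDO && $pdo->inTransaction()) {
            $pdo->rollBack();
        }
    }

    /**
     * Inserts a new reservation created by the session user and echoes a JSON
     * status.
     *
     * All values are bound as statement parameters; the date parts are joined
     * into "Y-M-D 00:00:00" without further validation, so an impossible date
     * is left for the database to reject or normalise.
     *
     * @param string $day      Day of the reservation.
     * @param string $month    Month of the reservation.
     * @param string $year     Year of the reservation.
     * @param string $start    Start time.
     * @param string $name     Guest name.
     * @param string $email    Guest e-mail address.
     * @param string $persons  Number of persons.
     * @param string $duration Duration.
     * @param string $phone    Guest phone number.
     * @param string $remark   Free-text remark.
     * @return void
     */
    private function createReservation($day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark) {
        $userid = $_SESSION['userid'];
        date_default_timezone_set(DbUtils::getTimeZone());
        $currentTime = date('Y-m-d H:i:s');
        $scheduledDate = "$year-$month-$day 00:00:00";

        $pdo = null;
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $pdo->beginTransaction();

            $sql = "INSERT INTO `%reservations%` ("
                . "`id` , `creator`,`creationdate`,`scheduledate`,`name`,`email`,`starttime`,`duration`,`persons`,`phone`,`remark`) "
                . "VALUES (NULL , ?,?,?,?,?,?,?,?,?,?)";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($userid, $currentTime, $scheduledDate, $name, $email, $start, $duration, $persons, $phone, $remark));
            $pdo->commit();
            echo json_encode(array("status" => "OK"));
        } catch (PDOException $e) {
            $this->rollBackIfOpen($pdo);
            echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
        }
    }

    /**
     * Overwrites an existing reservation and echoes a JSON status.
     *
     * The update also replaces creator and creationdate with the session user
     * and the current time, so the row afterwards shows the last editor.
     *
     * NOTE(review): the row is selected by id only; any account with the
     * reservation right can change any reservation. Presumably intended for
     * shared staff use - confirm.
     *
     * @param string $id       Id of the reservation to change.
     * @param string $day      Day of the reservation.
     * @param string $month    Month of the reservation.
     * @param string $year     Year of the reservation.
     * @param string $start    Start time.
     * @param string $name     Guest name.
     * @param string $email    Guest e-mail address.
     * @param string $persons  Number of persons.
     * @param string $duration Duration.
     * @param string $phone    Guest phone number.
     * @param string $remark   Free-text remark.
     * @return void
     */
    private function changeReservation($id, $day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark) {
        $userid = $_SESSION['userid'];
        date_default_timezone_set(DbUtils::getTimeZone());
        $currentTime = date('Y-m-d H:i:s');
        $scheduledDate = "$year-$month-$day 00:00:00";

        $pdo = null;
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $pdo->beginTransaction();

            $sql = "UPDATE `%reservations%` SET creator=?,creationdate=?,scheduledate=?,name=?,email=?,starttime=?,duration=?,persons=?,phone=?,remark=? WHERE id=?";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($userid, $currentTime, $scheduledDate, $name, $email, $start, $duration, $persons, $phone, $remark, $id));
            $pdo->commit();
            echo json_encode(array("status" => "OK"));
        } catch (PDOException $e) {
            $this->rollBackIfOpen($pdo);
            echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
        }
    }

    /**
     * Deletes one reservation by id and echoes a JSON status.
     *
     * NOTE(review): as with changeReservation, there is no check that the
     * session user created the row - confirm this is intended.
     *
     * @param string $id Id of the reservation to delete.
     * @return void
     */
    private function delReservation($id) {
        $pdo = null;
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $pdo->beginTransaction();
            $sql = "DELETE FROM `%reservations%` WHERE id=?";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($id));
            $pdo->commit();
            echo json_encode(array("status" => "OK"));
        } catch (PDOException $e) {
            $this->rollBackIfOpen($pdo);
            echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
        }
    }

    /**
     * Sends the reservation confirmation mail and echoes "OK" or "ERROR" as
     * a JSON string.
     *
     * NOTE(review): recipient and body both come from the request, so every
     * account with the reservation right can have the system send arbitrary
     * text to an arbitrary address. Consider building the body on the server
     * and rate limiting this command.
     *
     * @param string $toEmail Recipient address.
     * @param string $msg     Message body; line ends are normalised to CRLF.
     * @return void
     */
    private function emailConfirmReservation($toEmail, $msg) {
        // Emailer is not visible here. If it copies the recipient into mail
        // headers, an embedded line break would let the request add headers of
        // its own, so such a value is refused before anything is sent.
        if (!is_string($toEmail) || preg_match('/[\r\n\0]/', $toEmail)) {
            echo json_encode("ERROR");
            return;
        }

        // The connection is handed to Emailer, which presumably reads the
        // sender settings from it.
        $pdo = $this->dbutils->openDbAndReturnPdo();

        // Normalise every line-end style to CRLF. Replacing only "\n" would
        // turn an already present "\r\n" into "\r\r\n".
        $msg = preg_replace('/\r\n|\r|\n/', "\r\n", (string) $msg);

        $topictxt = "Reservierungsbestätigung\r\n";

        if (Emailer::sendEmail($pdo, $msg, $toEmail, $topictxt)) {
            echo json_encode("OK");
        } else {
            echo json_encode("ERROR");
        }
    }

    /**
     * Reads one value from the %config% table.
     *
     * The setting name is bound as a statement parameter instead of being
     * interpolated into the SQL text, so a name containing a quote cannot
     * change the query. The method is not called from within this class as
     * shown.
     *
     * @param PDO    $pdo   Open database connection.
     * @param string $field Name of the setting.
     * @return string The setting, or "" if no row has that name.
     */
    private function getGeneralItemFromDbWithPdo($pdo, $field) {
        $sql = "SELECT setting FROM %config% where name=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($field));
        $row = $stmt->fetchObject();
        return is_object($row) ? $row->setting : "";
    }

    /**
     * Echoes all reservations of one day as JSON, ordered by start time.
     *
     * Day and month are left-padded with zeros to two characters before the
     * date string is built; the date itself is bound as a parameter.
     *
     * @param string $day   Day to list.
     * @param string $month Month to list.
     * @param string $year  Year to list.
     * @return void
     */
    private function getReservations($day, $month, $year) {
        $day = sprintf("%02s", $day);
        $month = sprintf("%02s", $month);
        $scheduledDate = "$year-$month-$day 00:00:00";

        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $sql = "SELECT DISTINCT %reservations%.id,%user%.username as username,creationdate,scheduledate,starttime,name,email,persons,duration,phone,remark FROM %reservations%,%user% WHERE scheduledate=? AND %reservations%.creator=%user%.id ORDER BY starttime";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($scheduledDate));

            $resArray = array();
            foreach ($stmt->fetchAll() as $row) {
                // scheduledate is read as "Y-m-d H:i:s"; only the date part
                // is split into its components.
                $datetimeparts = explode(" ", $row['scheduledate']);
                $thedateparts = explode("-", $datetimeparts[0]);
                $resArray[] = array(
                    "id" => $row['id'],
                    "creator" => $row['username'],
                    "creationdate" => $row['creationdate'],
                    "day" => $thedateparts[2],
                    "month" => $thedateparts[1],
                    "year" => $thedateparts[0],
                    "start" => $row['starttime'],
                    "guest" => $row['name'],
                    "email" => $row['email'],
                    "persons" => $row['persons'],
                    "duration" => $row['duration'],
                    "phone" => $row['phone'],
                    "remark" => $row['remark'],
                );
            }
            echo json_encode(array("status" => "OK", "msg" => $resArray));
        } catch (PDOException $e) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
        }
    }
}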
?>