< ? php
// Datenbank-Verbindungsparameter
require_once ( 'dbutils.php' );
require_once ( 'commonutils.php' );
require_once ( 'globals.php' );
require_once ( 'admin.php' );
require_once ( 'customers.php' );
require_once ( 'utilities/Emailer.php' );
class Closing {
var $dbutils ;
var $t ;
/**
 * Creates the database helper that the instance methods reach through $this->dbutils.
 */
function __construct() {
    $this->dbutils = new DbUtils();
    // NOTE(review): loaded inside the constructor; presumably this file fills the
    // translation table that other methods read through $this->t - confirm.
    require_once 'translations.php';
}
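/**
 * Dispatches a closing-related request to the matching handler.
 *
 * Request parameters are read from $_POST / $_GET and handed on unchanged;
 * each handler writes its own response with echo. A missing parameter is
 * passed as null instead of raising an undefined-index notice.
 *
 * NOTE(review): 'createClosing', 'getClosings' and 'remotecreateclosing' are
 * exempt from the manager/admin check, so this method does not require a
 * logged-in session for them. 'remotecreateclosing' is gated by the remote
 * access code; for the other two confirm that authentication and the intended
 * closing right are enforced before this method is reached.
 * NOTE(review): 'emailCsv' sends mail based on GET parameters; confirm the
 * caller protects state-changing commands against cross-site requests.
 *
 * @param string $command command name taken from the request
 */
function handleCommand($command) {
    // Same exemption set as before; matched strictly so that a non-string
    // command can never compare equal to one of these names.
    $exemptFromRightsCheck = array('createClosing', 'getClosings', 'remotecreateclosing');

    // Evaluated first for every command, as before, because the check also
    // starts the session.
    $hasRights = $this->hasCurrentUserManagerOrAdminRights();
    if (!$hasRights && !in_array($command, $exemptFromRightsCheck, true)) {
        if ($command !== 'exportCsv') {
            echo json_encode(array(" status " => " ERROR ", " code " => ERROR_MANAGER_NOT_AUTHOTRIZED, " msg " => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
        } else {
            // exception - result is not handled on HTML/JS side
            echo " Fehlende Benutzerrechte ";
        }
        return;
    }

    $closingid = isset($_GET['closingid']) ? $_GET['closingid'] : null;

    if ($command === 'createClosing') {
        $this->createClosing(
            isset($_POST['remark']) ? $_POST['remark'] : null,
            isset($_POST['print']) ? $_POST['print'] : null
        );
    } else if ($command === 'remotecreateclosing') {
        if (isset($_POST['remoteaccesscode'])) {
            $remark = isset($_POST['remark']) ? $_POST['remark'] : '';
            $this->remotecreateclosing($_POST['remoteaccesscode'], $remark);
        } else {
            echo json_encode(" Remote access code not given ");
        }
        return;
    } else if ($command === 'getClosings') {
        $this->getClosings(
            isset($_GET['month']) ? $_GET['month'] : null,
            isset($_GET['year']) ? $_GET['year'] : null
        );
    } else if ($command === 'exportCsv') {
        $this->exportCsv($closingid);
    } else if ($command === 'exportGuestCsv') {
        $this->exportGuestCsv($closingid);
    } else if ($command === 'emailCsv') {
        $this->emailCsv(
            $closingid,
            isset($_GET['emailaddress']) ? $_GET['emailaddress'] : null,
            isset($_GET['topic']) ? $_GET['topic'] : null
        );
    } else if ($command === 'getClosing') {
        $this->getClosing($closingid);
    } else if ($command === 'getClosingSummary') {
        $this->getClosingSummary($closingid, null, true);
    } else {
        echo " Command not supported. ";
    }
}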
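/**
 * Tells whether the current session belongs to a manager or an admin.
 *
 * @return bool true only when the session is flagged as logged in
 *              ('angemeldet') and carries 'right_manager' or 'is_admin'
 */
private function hasCurrentUserManagerOrAdminRights() {
    // Start a session only when none is active, the same guard that
    // retrieveClosingFromDb() uses; an unconditional session_start() raises
    // a notice when the session is already running.
    if (session_id() == '') {
        session_start();
    }
    if (empty($_SESSION['angemeldet'])) {
        // no user logged in
        return false;
    }
    // empty() treats a missing right like a denied one, so a partially filled
    // session cannot trigger an undefined-index notice or be read as granted.
    return !empty($_SESSION['right_manager']) || !empty($_SESSION['is_admin']);
}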
/**
 * Reads the 'setting' column of the config row queried below.
 *
 * NOTE(review): a missing config row makes fetchObject() return false and the
 * property access fail - confirm the row always exists.
 *
 * @return mixed value of the setting column
 */
private function getDecPoint() {
    $connection = $this->dbutils->openDbAndReturnPdo();
    $query = $this->dbutils->resolveTablenamesInSqlString(" SELECT name,setting FROM %config% WHERE name=? ");
    $statement = $connection->prepare($query);
    $statement->execute(array(" decpoint "));
    $configRow = $statement->fetchObject();
    return $configRow->setting;
}
/**
 * Stores the current Unix timestamp under the work item 'lastclosing',
 * updating the row when it exists and inserting it otherwise.
 *
 * @param PDO $pdo open database connection
 */
private function saveLastClosingCreation($pdo) {
    date_default_timezone_set(DbUtils::getTimeZone());
    $clock = new DateTime();
    $now = $clock->getTimestamp();

    $existing = CommonUtils::getRowSqlObject($pdo, " SELECT count(id) as countid FROM %work% WHERE item=? ", array('lastclosing'));
    if ($existing->countid != 0) {
        CommonUtils::execSql($pdo, " UPDATE %work% SET value=? WHERE item=? ", array($now, 'lastclosing'));
        return;
    }
    CommonUtils::execSql($pdo, " INSERT INTO %work% (item,value,signature) VALUES(?,?,?) ", array('lastclosing', $now, null));
}
/**
 * Throttle for closings: allows a new one when no 'lastclosing' work item
 * exists or when more than 120 seconds have passed since the stored timestamp.
 *
 * @param PDO $pdo open database connection
 * @return bool true when a closing may be created now
 */
private function isClosingAllowed($pdo) {
    $minSecondsBetweenClosings = 120;
    $item = array('lastclosing');

    $countRow = CommonUtils::getRowSqlObject($pdo, " SELECT count(id) as countid FROM %work% WHERE item=? ", $item);
    if ($countRow->countid == 0) {
        // never closed before
        return true;
    }

    $valueRow = CommonUtils::getRowSqlObject($pdo, " SELECT value FROM %work% WHERE item=? ", $item);
    $previous = $valueRow->value;
    date_default_timezone_set(DbUtils::getTimeZone());
    $clock = new DateTime();
    $elapsed = $clock->getTimestamp() - $previous;
    return $elapsed > $minSecondsBetweenClosings;
}
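/**
 * Creates a closing for a caller that presents the remote access code
 * instead of a logged-in session.
 *
 * The configured value is compared with md5() of the submitted code using
 * hash_equals(): the comparison takes the same time wherever the strings
 * differ, and it compares strings only, whereas a loose == treats two
 * digests of the form 0e<digits> as equal numbers.
 *
 * NOTE(review): the stored value is an unsalted MD5 digest. Moving to
 * password_hash()/password_verify() requires changing where the code is
 * saved, which is outside this method. Nothing here limits repeated wrong
 * attempts; consider rate limiting or logging failures at the entry point.
 *
 * @param mixed  $remoteaccesscode code submitted with the request
 * @param string $remark           remark stored with the closing
 */
private function remotecreateclosing($remoteaccesscode, $remark) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $code = CommonUtils::getConfigValue($pdo, 'remoteaccesscode', null);
    if (is_null($code) || ($code == '')) {
        echo json_encode(" Remote access code was not configured! ");
        return;
    }
    // Request parameters can arrive as arrays; md5() needs a string, so any
    // other type is rejected as a wrong code.
    if (is_string($remoteaccesscode) && hash_equals((string) $code, md5($remoteaccesscode))) {
        $this->createClosing($remark, 0);
    } else {
        echo json_encode(" Remote access code not correct! ");
    }
}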
/**
 * Creates a closing: inserts a closing row, attaches all bills that have no
 * closing yet, signs the closing data, cleans queue/print tables, optionally
 * e-mails the result and echoes a JSON status.
 *
 * @param string|null $remark  remark stored with the closing; null is replaced by the literal below
 * @param mixed       $doPrint echoed back unchanged in the print entry of the response
 */
private function createClosing($remark, $doPrint = 1) {
    // Allow up to one hour of run time for this request.
    set_time_limit(60 * 60);
    if (is_null($remark)) {
        $remark = " ";
    }
    $decpoint = $this->getDecPoint();
    // first create a closing entry
    date_default_timezone_set(DbUtils::getTimeZone());
    $closingTime = date('Y-m-d H:i:s');
    $pdo = $this->dbutils->openDbAndReturnPdo();
    // Throttle: refuse when isClosingAllowed() reports the previous closing as too recent.
    // NOTE(review): the check runs before the transaction starts and the new
    // timestamp is written afterwards, so two concurrent requests could both
    // pass - confirm whether that matters here.
    if (!$this->isClosingAllowed($pdo)) {
        echo json_encode(array(" status " => " ERROR ", " msg " => " Time between closings too short ", " code " => ERROR_CLOSING_TIME_LIMIT));
        return;
    }
    $pdo->beginTransaction();

    $this->saveLastClosingCreation($pdo);
    // A plugin may take over the whole closing.
    // NOTE(review): this return leaves the transaction begun above without
    // commit() or rollBack() in this method; whether the plugin finishes it is
    // not visible here.
    if (CommonUtils::callPlugin($pdo, " createClosing ", " replace ")) {
        return;
    }
    CommonUtils::callPlugin($pdo, " createClosing ", " before ");
    // Placeholder row: bill count, sum and signature are filled in further down.
    $closingEntrySql = " INSERT INTO `%closing%` (`id` , `closingdate`,`remark`,`billcount`,`billsum`,`signature`) VALUES (NULL ,?,?,?,?,?) ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($closingEntrySql));
    $stmt->execute(array($closingTime, $remark, 0, 0.0, null));
    $newClosingId = $pdo->lastInsertId();
    // test for consistency of bills
    $sql = " SELECT id FROM %bill% WHERE closingid is null AND (tableid >= '0' OR status='c') ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();
    $result = $stmt->fetchAll();
    $utils = new CommonUtils();

    $ok = true;
    foreach ($result as $row) {
        $aBillId = $row['id'];
        if (!$utils->verifyBill($pdo, $aBillId)) {
            $ok = false;
            break;
        }
    }
    if (!$ok) {
        // NOTE(review): no rollBack() is called on this path; the closing row
        // inserted above stays inside the still-open transaction.
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
        return;
    }
    // declare not closed bills as closed
    // NOTE(review): $newClosingId is written into the SQL text, while the
    // neighbouring statements bind it with '?'. It comes from lastInsertId(),
    // not from the request, but a bound parameter would keep the pattern uniform.
    $declareClosedSql = " UPDATE %bill% SET closingid=' $newClosingId ' WHERE closingid is null AND (tableid >= '0' OR status='c') ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($declareClosedSql));
    $stmt->execute();
    $sql = " SELECT count(id) as billstotake FROM %bill% WHERE closingid=? AND (tableid >= '0' OR status='c') ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($newClosingId));
    $row = $stmt->fetchObject();
    $billsToTake = $row->billstotake;
    $pricesum = null;
    // now calculate the sum of the prices of this closing
    if ($billsToTake > 0) {
        $sql = " SELECT sum(brutto) as pricesum FROM %bill% WHERE closingid=? AND (tableid >= '0' OR status='c') ";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($newClosingId));
        $row = $stmt->fetchObject();
        $pricesum = $row->pricesum;
    }
    if (is_null($pricesum)) {
        $pricesum = 0;
    }
    $prevClosingDate = self::getDateOfPreviousClosing($pdo, $newClosingId);
    if (is_null($prevClosingDate)) {
        $prevClosingDate = " ";
    }
    // sign the closing data: id, previous closing date, closing time, bill count, sum
    // The verification code in this class rebuilds the same string, so its
    // layout must not change.
    $pricesumstr = number_format($pricesum, 2, " . ", '');
    $data = " I( $newClosingId )-S( $prevClosingDate )-E( $closingTime )-D( $billsToTake )-S( $pricesumstr ) ";
    $pkeyid = $utils->getPrivkey($pdo);
    // NOTE(review): the result of openssl_sign() is not checked before
    // $signature is stored, and no algorithm argument is passed, so PHP's
    // default digest (OPENSSL_ALGO_SHA1) applies.
    openssl_sign($data, $signature, $pkeyid);
    openssl_free_key($pkeyid);
    // now add values to closing table to prepare for electronic signature
    $sql = " UPDATE %closing% SET billcount=?, billsum=?,signature=? WHERE id=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($billsToTake, $pricesum, $signature, $newClosingId));
    // now clean the extras that are assigned to queue - we do not need them anymore
    $sql = " DELETE FROM %queueextras% ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();
    // drop queue entries that belong to no bill
    $sql = " DELETE FROM %queue% WHERE id not in (select distinct queueid FROM %billproducts%) AND billid is null ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();
    // billed entries without paid/deliver time get the closing time
    $sql = " UPDATE %queue% set paidtime=?,delivertime=? WHERE billid is not null AND paidtime is null ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingTime, $closingTime));
    $sql = " UPDATE %queue% set delivertime=?,workprinted=? WHERE billid is not null AND delivertime IS NULL ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingTime, 1));
    $sql = " DELETE FROM %printjobs% ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute();
    $sql = " UPDATE %queue% SET isclosed=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array(1));
    // The log table is emptied when the 'dblog' setting is 0.
    $dblogging = CommonUtils::getConfigValue($pdo, 'dblog', 1);
    if ($dblogging == 0) {
        $sql = " DELETE FROM %log% ";
        CommonUtils::execSql($pdo, $sql, null);
    }
    workreceipts::resetWorkReceiptId($pdo);
    // commit must happen before the email, because that code accesses the db directly
    $pdo->commit();
    // now send the email
    $toEmail = $this->getGeneralItemFromDbWithPdo($pdo, " receiveremail ");
    if (($toEmail != '') && (strpos($toEmail, '@') !== false)) {
        $theSum = number_format($pricesum, 2, $decpoint, '');
        $this->emailCsvCore($pdo, $newClosingId, $toEmail, " Tagesabschluss ", $prevClosingDate, $closingTime, $theSum, $billsToTake);
    }
    $admin = new Admin();
    $versionInfo = $admin->getEnv($pdo);
    $content = array(" env " => $versionInfo, " result " => $pricesum, " closingid " => $newClosingId);
    // check if new version is available
    // (do not inform user if last install or update is right before new version - let new version mature a bit..)
    // NOTE(review): the request goes out over plain http and carries the
    // version, install date and last-update date; the values are not
    // URL-encoded and, as the literal reads here, "l=" is appended without a
    // preceding "&". Errors are suppressed with @ and the response is not used
    // later in this method, so nothing depends on it yet. If it is ever shown
    // or acted on, fetch it over https and treat it as untrusted input.
    $url = " http://www.ordersprinter.de/version/checkversion.php? ";
    $url .= " v= " . $versionInfo[" version "] . " &i= " . $versionInfo[" installdate "] . " l= " . $versionInfo[" lastupdate "];
    $ctx = stream_context_create(array('http' =>
        array(
            'timeout' => 5, // 5 seconds
        )
    ));
    $newversionavailable = @file_get_contents($url, false, $ctx);
    // TODO: has to be forwarded to user to inform him
    CommonUtils::keepOnlyLastLog($pdo);
    // call plugin after completion of closing
    CommonUtils::callPlugin($pdo, " createClosing ", " after ");
    echo json_encode(array(" status " => " OK ", " msg " => $content, " print " => $doPrint));
}
/**
 * Sums the 'brutto' column of all bills of one closing.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing
 * @param bool  $onlyBar   when true only bills with paymentid '1' are summed
 * @return float 0.0 when the closing has no bills
 */
private function getSumOfBillsWithClosingId($pdo, $closingid, $onlyBar) {
    $params = array($closingid);

    $countStmt = $pdo->prepare(DbUtils::substTableAlias(" SELECT count(id) as countid FROM %bill% WHERE closingid=? "));
    $countStmt->execute($params);
    $countRow = $countStmt->fetchObject();
    if ($countRow->countid == 0) {
        return 0.0;
    }

    $sumSql = " SELECT sum(brutto) as billsum FROM %bill% WHERE closingid=? " . ($onlyBar ? " AND paymentid='1' " : '');
    $sumStmt = $pdo->prepare(DbUtils::substTableAlias($sumSql));
    $sumStmt->execute($params);
    $sumRow = $sumStmt->fetchObject();
    return floatval($sumRow->billsum);
}
/**
 * Returns, per user, the rounded bill sums of one closing: all bills,
 * bills with paymentid '1', and bills with status 'c'.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing
 * @return array rows as delivered by fetchAll()
 */
private function getUserGroupedSumOfClosing($pdo, $closingid) {
    $query = implode('', array(
        " SELECT userid,username, ",
        " ROUND(sum(brutto),2) as billsumall, ",
        " ROUND(sum(if(paymentid='1',brutto,'0.00')),2) as sumonlybar, ",
        " ROUND(sum(if(status = 'c',brutto,'0.00')),2) as sumcash ",
        " FROM %bill%,%user% WHERE userid=%user%.id AND closingid=? GROUP BY userid,username ",
    ));
    $statement = $pdo->prepare(DbUtils::substTableAlias($query));
    $statement->execute(array($closingid));
    return $statement->fetchAll();
}
/**
 * Returns gross and rounded net sums of one closing, grouped by tax rate.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing
 * @return array list of objects with tax, brutto and netto
 */
private function getTaxesGroupedOfClosing($pdo, $closingid) {
    $select = " SELECT %queue%.tax as tax,SUM(price) as brutto,ROUND(SUM(price)/(1 + %queue%.tax/100.0),2) as netto FROM %queue%,%bill%,%closing% ";
    $where = " WHERE billid=%bill%.id AND %bill%.closingid=%closing%.id AND closingid=? GROUP BY tax ";
    $statement = $pdo->prepare(DbUtils::substTableAlias($select . $where));
    $statement->execute(array($closingid));
    $rows = $statement->fetchAll(PDO::FETCH_OBJ);
    return $rows;
}
/**
 * Sums the 'brutto' column of all bills with status 'c' in one closing.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing
 * @return mixed the cashsum column of the result row
 */
private function getCashOpsOfClosing($pdo, $closingid) {
    $query = DbUtils::substTableAlias(" SELECT SUM(brutto) as cashsum FROM %bill%,%closing% WHERE status=? AND closingid=%closing%.id AND closingid=? ");
    $statement = $pdo->prepare($query);
    $statement->execute(array('c', $closingid));
    $cashRow = $statement->fetchObject();
    return $cashRow->cashsum;
}
/*
* Get all closings that are requested :
* if month and year is null or empty ==> last 30 closings
* otherwise query by date
*/
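/**
 * Echoes, as JSON, all closings of one calendar month together with their
 * sums (total, paymentid '1', per user, per tax rate, status 'c' bills).
 *
 * month and year come from the query string. They are converted to integers
 * and range-checked before use, so a value such as "05" is padded correctly
 * and a non-numeric value cannot reach mktime(). Input that names no valid
 * month yields an empty list. No fallback for an empty month/year is
 * implemented in this body.
 *
 * @param mixed $month month number 1..12 as sent by the client
 * @param mixed $year  four-digit year as sent by the client
 */
private function getClosings($month, $year) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    date_default_timezone_set(DbUtils::getTimeZone());

    $monthNo = is_numeric($month) ? intval($month) : 0;
    $yearNo = is_numeric($year) ? intval($year) : 0;
    if ($monthNo < 1 || $monthNo > 12 || $yearNo < 1 || $yearNo > 9999) {
        // nothing can match an invalid period
        echo json_encode(array(" status " => " OK ", " msg " => array()));
        return;
    }

    // YYYYMMDD bounds of the requested month
    $lastDayInMonth = intval(date('t', mktime(0, 0, 0, $monthNo, 1, $yearNo)));
    $dateStart = sprintf('%04d%02d%02d', $yearNo, $monthNo, 1);
    $dateEnd = sprintf('%04d%02d%02d', $yearNo, $monthNo, $lastDayInMonth);

    $sql = " SELECT id,closingdate,remark FROM %closing% WHERE DATE(closingdate) BETWEEN ? AND ? ORDER BY closingdate DESC; ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($dateStart, $dateEnd));
    $result = $stmt->fetchAll();

    $resultarray = array();
    foreach ($result as $zeile) {
        $theId = $zeile['id'];
        $resultarray[] = array(
            " id " => $theId,
            " closingDate " => $zeile['closingdate'],
            " remark " => $zeile['remark'],
            " totalsum " => $this->getSumOfBillsWithClosingId($pdo, $theId, false),
            " cashsum " => $this->getSumOfBillsWithClosingId($pdo, $theId, true),
            " usersums " => $this->getUserGroupedSumOfClosing($pdo, $theId),
            " taxessums " => $this->getTaxesGroupedOfClosing($pdo, $theId),
            " cashops " => $this->getCashOpsOfClosing($pdo, $theId),
        );
    }
    echo json_encode(array(" status " => " OK ", " msg " => $resultarray));
}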
/**
 * Loads the payment table as a map from payment id to payment name.
 *
 * @param PDO $pdo open database connection
 * @return array id => name
 */
private function getPaymentArray($pdo) {
    $statement = $pdo->prepare(DbUtils::substTableAlias(" SELECT id,name FROM %payment% "));
    $statement->execute();
    $rows = $statement->fetchAll();

    $namesById = array();
    for ($i = 0; $i < count($rows); $i++) {
        $paymentRow = $rows[$i];
        $namesById[$paymentRow['id']] = $paymentRow['name'];
    }
    return $namesById;
}
/**
 * Echoes one closing as JSON (no CSV export, no string return).
 *
 * @param mixed $closingid id of the closing, taken from the request
 */
private function getClosing($closingid) {
    $doCsvExport = false;
    $onlyresultreturn = false;
    $this->retrieveClosingFromDb(DbUtils::openDbAndReturnPdoStatic(), $closingid, $doCsvExport, $onlyresultreturn);
}
/**
 * Echoes one closing as a CSV download.
 *
 * @param mixed $closingid id of the closing, taken from the request
 */
private function exportCsv($closingid) {
    $doCsvExport = true;
    $onlyresultreturn = false;
    $this->retrieveClosingFromDb(DbUtils::openDbAndReturnPdoStatic(), $closingid, $doCsvExport, $onlyresultreturn);
}
/**
 * Hands the period between the previous closing and this one to
 * Customers::exportLog().
 *
 * NOTE(review): an unknown closing id makes the row lookup return no object
 * before ->closingdate is read - confirm how getRowSqlObject() reports that.
 *
 * @param mixed $closingid id of the closing, taken from the request
 */
private function exportGuestCsv($closingid) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $periodStart = self::getDateOfPreviousClosing($pdo, $closingid);
    $closingRow = CommonUtils::getRowSqlObject($pdo, " SELECT closingdate FROM %closing% WHERE id=? ", array($closingid));
    $periodEnd = $closingRow->closingdate;
    Customers::exportLog($pdo, $periodStart, $periodEnd);
}
/**
 * Builds the closing report (sums per user and tax rate plus the CSV data)
 * and sends it through Emailer::sendEmail().
 *
 * NOTE(review): $toEmail and $topic can originate from request parameters
 * (see the 'emailCsv' command), and the subject built here ends in a line
 * break. Whether Emailer::sendEmail() neutralises CR/LF in recipient and
 * subject is not visible here - confirm, since unfiltered line breaks in mail
 * headers allow header injection.
 *
 * @return bool true when the mailer reports success
 */
private function emailCsvCore($pdo, $closingid, $toEmail, $topic, $startdate, $enddate, $billsum, $billcount) {
    $details = $this->getClosingByTaxAndUser($pdo, $closingid);
    $details .= $this->retrieveClosingFromDb($pdo, $closingid, false, true);

    $body = " Zeitraum: $startdate - $enddate\nBrutto -Summe: $billsum\nEnthaltene Bons: $billcount\n\n " . $details;
    $body = str_replace(" \n ", " \r \n ", $body);

    $subject = $topic . " " . $closingid . " \r \n ";
    return Emailer::sendEmail($pdo, $body, $toEmail, $subject) ? true : false;
}
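/**
 * E-mails the report of an existing closing and echoes a JSON status.
 *
 * Recipient and subject arrive from the request. Values that are not strings
 * or that contain CR, LF or NUL are rejected before anything is handed to the
 * mailer, because line breaks in these fields can add mail headers. An
 * unknown closing id is reported as a failure instead of ending in an error
 * on the missing row.
 *
 * NOTE(review): the recipient is otherwise free-form; consider restricting it
 * to configured addresses so the endpoint cannot mail reports to arbitrary
 * recipients.
 *
 * @param mixed $closingid id of the closing
 * @param mixed $toEmail   recipient address
 * @param mixed $topic     subject prefix; null is treated as empty
 */
private function emailCsv($closingid, $toEmail, $topic) {
    $failure = array(" status " => " ERROR ", " code " => ERROR_EMAIL_FAILURE, " msg " => ERROR_EMAIL_FAILURE_MSG);

    if (is_null($topic)) {
        $topic = '';
    }
    if (!is_string($toEmail) || !is_string($topic)
            || preg_match('/[\r\n\0]/', $toEmail) || preg_match('/[\r\n\0]/', $topic)) {
        echo json_encode($failure);
        return;
    }

    // additional info to insert into email
    $decpoint = $this->getDecPoint();
    $pdo = $this->dbutils->openDbAndReturnPdo();
    $prevClosingDate = self::getDateOfPreviousClosing($pdo, $closingid);
    if (is_null($prevClosingDate)) {
        $prevClosingDate = " ";
    }
    $sql = " SELECT closingdate, billcount, billsum FROM %closing% WHERE id=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $row = $stmt->fetchObject();
    if (!is_object($row)) {
        // fetchObject() returns false when no closing has this id
        echo json_encode($failure);
        return;
    }
    $billsum = number_format($row->billsum, 2, $decpoint, '');
    $billcount = $row->billcount;
    $closdate = $row->closingdate;
    if ($this->emailCsvCore($pdo, $closingid, $toEmail, $topic, $prevClosingDate, $closdate, $billsum, $billcount)) {
        echo json_encode(array(" status " => " OK "));
    } else {
        echo json_encode($failure);
    }
}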
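/**
 * Reads one config setting on a freshly opened connection.
 *
 * The looked-up value is now returned; previously the result of
 * getGeneralItemFromDbWithPdo() was dropped and callers always got null.
 *
 * @param string $field name of the config entry
 * @return mixed the setting, or an empty string when the entry does not exist
 */
private function getGeneralItemFromDb($field) {
    $pdo = $this->dbutils->openDbAndReturnPdo();
    return $this->getGeneralItemFromDbWithPdo($pdo, $field);
}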
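/**
 * Reads one config setting.
 *
 * The name is bound as a statement parameter instead of being written into
 * the SQL text, so a name containing a quote cannot change the query,
 * whatever a future caller passes in.
 *
 * @param PDO|null $pdo   open connection; a new one is opened when null
 * @param string   $field name of the config entry
 * @return mixed the setting, or an empty string when the entry does not exist
 */
private function getGeneralItemFromDbWithPdo($pdo, $field) {
    if (is_null($pdo)) {
        $pdo = $this->dbutils->openDbAndReturnPdo();
    }
    $aValue = " ";
    $sql = " SELECT setting FROM %config% where name=? ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($field));
    $row = $stmt->fetchObject();
    if ($row != null) {
        $aValue = $row->setting;
    }
    return $aValue;
}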
/**
 * Returns the closing date of the closing with the highest id below $closingid.
 *
 * @param PDO|null $pdoval    open connection; a new one is opened when null
 * @param mixed    $closingid id of the closing whose predecessor is wanted
 * @return mixed the closingdate column, or null when there is no earlier closing
 */
public static function getDateOfPreviousClosing($pdoval, $closingid) {
    $pdo = is_null($pdoval) ? DbUtils::openDbAndReturnPdoStatic() : $pdoval;

    // ids can be generated but not used in case of rollback
    $lookup = $pdo->prepare(DbUtils::substTableAlias(" SELECT MAX(id) as previousid FROM %closing% WHERE id<? "));
    $lookup->execute(array($closingid));
    $maxRow = $lookup->fetchObject();
    if ($maxRow == null) {
        return null;
    }

    $previousId = intval($maxRow->previousid);
    $dateStmt = $pdo->prepare(DbUtils::substTableAlias(" SELECT closingdate FROM %closing% WHERE id=? "));
    $dateStmt->execute(array($previousId));
    $dateRow = $dateStmt->fetchObject();
    if ($dateRow == null) {
        return null;
    }
    return $dateRow->closingdate;
}
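/**
 * Reports an inconsistent database in the form that matches the output mode.
 *
 * The text variant used $closingdate, $remark and $csv without defining them,
 * which raises warnings that can leak into the response. They are now
 * optional parameters defaulting to empty strings, so existing two-argument
 * calls behave as before, minus the warnings.
 *
 * NOTE(review): the calls visible in retrieveClosingFromDb() discard the
 * return value, so in the $onlyresultreturn mode the error text never reaches
 * the e-mail body - confirm whether those calls should return it.
 *
 * @param bool   $doCsvExport      true: echo a plain-text error
 * @param bool   $onlyresultreturn true: return the error text instead of echoing
 * @param string $closingdate      closing date for the text variant
 * @param string $remark           remark for the text variant
 * @param string $csv              CSV data collected so far
 * @return string|null the error text in $onlyresultreturn mode, otherwise nothing
 */
private function returnErrorInconsDB($doCsvExport, $onlyresultreturn, $closingdate = '', $remark = '', $csv = '') {
    if ($doCsvExport) {
        echo " ERROR - signatures do not fit ";
    } else if ($onlyresultreturn) {
        return " Tagesabschluss-Datum: $closingdate\nBemerkung : $remark\nStatus : Inkonsistente Datenbank \n \n csv-Daten: \n " . $csv;
    } else {
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
    }
}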
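/**
 * Builds the text block "turnover per user and tax rate" for one closing.
 *
 * Bills with status 'c', 'x' or 's' are excluded. The filter is written as
 * NOT IN (?,?,?): the earlier form "status != (? OR ? OR ?)" compared the
 * status with the boolean result of OR-ing the three strings, which excluded
 * those statuses only by way of implicit string-to-number conversion.
 *
 * NOTE(review): user names are written into the semicolon-separated text
 * without quoting; a name containing ';' or a line break shifts columns.
 *
 * @param PDO   $pdo       open database connection
 * @param mixed $closingid id of the closing
 * @return string the text block, or the empty-result literal when no rows match
 */
private function getClosingByTaxAndUser($pdo, $closingid) {
    $sql = " SELECT sum(price) as sumprice,%queue%.tax as thetax,username ";
    $sql .= " FROM %bill%,%billproducts%,%queue%,%user% ";
    $sql .= " WHERE %billproducts%.billid=%bill%.id AND %bill%.closingid=? AND %bill%.userid=%user%.id AND %billproducts%.queueid=%queue%.id ";
    $sql .= " AND (%bill%.status is null OR %bill%.status NOT IN (?,?,?)) ";
    $sql .= " GROUP BY username,thetax ";
    $decpoint = CommonUtils::getConfigValue($pdo, " decpoint ", " , ");
    $result = CommonUtils::fetchSqlAll($pdo, $sql, array($closingid, 'c', 'x', 's'));
    if (count($result) == 0) {
        return " ";
    }

    $msg = " Umsätze aufgeschlüsselt nach Benutzer und Steuersatz: \n \n ";
    $msg .= " Benutzer;Steuersatz;Umsatz (Brutto) \n ";
    foreach ($result as $res) {
        // columns: sumprice | thetax | username
        $tax = str_replace('.', $decpoint, $res['thetax']);
        $sumprice = str_replace('.', $decpoint, $res['sumprice']);
        $msg .= $res['username'] . " ; $tax ; $sumprice\n ";
    }
    return $msg . " \n ";
}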
/**
 * Loads one closing with all its bills, verifies the closing signature and
 * every bill, and delivers the result in one of three forms.
 *
 * @param PDO   $pdo              open database connection
 * @param mixed $closingid        id of the closing
 * @param bool  $doCsvExport      true: echo the data as CSV
 * @param bool  $onlyresultreturn true (and $doCsvExport false): return a text
 *                                block with the CSV data instead of echoing
 * @return string|null text block in $onlyresultreturn mode; nothing otherwise
 *                     and nothing on the inconsistency paths
 */
private function retrieveClosingFromDb($pdo, $closingid, $doCsvExport, $onlyresultreturn) {
    if (session_id() == '') {
        session_start();
    }

    // NOTE(review): read without isset(); a session without 'language' yields
    // null as index into the translation table.
    $l = $_SESSION['language'];
    $commonUtils = new CommonUtils();
    $currency = $commonUtils->getCurrency();
    $decpoint = $this->getDecPoint();
    $paymentArray = $this->getPaymentArray($pdo);
    $previousClosingDate = self::getDateOfPreviousClosing(null, $closingid);
    $csv = " ";
    if ($doCsvExport || $onlyresultreturn) {
        // Download headers; note they are also sent in the $onlyresultreturn
        // (e-mail) mode, where nothing is downloaded.
        $file_name = " tagesabschluss.csv ";
        header(" Content-type: text/x-csv ");
        header(" Content-Disposition: attachment; filename= $file_name ");
        header(" Cache-Control: must-revalidate, post-check=0, pre-check=0 ");
        header(" Pragma: no-cache ");
        header(" Expires: 0 ");
        // CSV header row, translated to the session language
        $csv .= $this->t['ID'][$l] . " ; " . $this->t['Date'][$l] . " ; " . $this->t['Prod'][$l] . " ; " . $this->t['Brutto'][$l] . " ( $currency ); ";
        $csv .= $this->t['Netto'][$l] . " ( $currency ); ";
        $csv .= $this->t['Tax'][$l] . " ; ";
        $csv .= $this->t['PayWay'][$l] . " ; ";
        $csv .= $this->t['Userid'][$l] . " ; ";
        $csv .= $this->t['User'][$l] . " ; ";
        $csv .= $this->t['State'][$l] . " ; ";
        $csv .= $this->t['Ref'][$l] . " \n ";

    }
    // NOTE(review): an unknown closing id makes fetchObject() return false and
    // the property reads below fail.
    $sql = " SELECT closingdate,remark,signature,billsum,billcount FROM %closing% WHERE id=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($closingid));
    $row = $stmt->fetchObject();
    $closingdate = $row->closingdate;
    $remark = $row->remark;
    $billsum = $row->billsum;
    $billcount = $row->billcount;
    $signature = $row->signature;
    $sql = " SELECT %bill%.id as id,paymentid,billdate,userid,ref,username,status,brutto,netto,IF(tax is not null, tax, '0.00') as tax FROM %bill%,%user% WHERE closingid=? AND %bill%.userid = %user%.id ORDER BY billdate ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($closingid));
    $billIdsAndPaymentsForThatClosing = $stmt->fetchAll();
    $foundBillCount = count($billIdsAndPaymentsForThatClosing);
    if (is_null($previousClosingDate)) {
        $startDate = " ";
    } else {
        $startDate = $previousClosingDate;
    }
    // Rebuild the string that createClosing() signed and verify it.
    $billsumstr = number_format($billsum, 2, " . ", '');
    $data = " I( $closingid )-S( $startDate )-E( $closingdate )-D( $billcount )-S( $billsumstr ) ";
    $pubkeyid = $commonUtils->getCert($pdo);
    $ok = openssl_verify($data, $signature, $pubkeyid);
    openssl_free_key($pubkeyid);
    // NOTE(review): openssl_verify() returns 1 (valid), 0 (invalid) or -1 on
    // error. Only 0 is rejected here, so an error result passes as valid; a
    // fail-closed check would reject everything except 1 ($ok !== 1).
    if (($ok == 0) || ($billcount <> $foundBillCount)) {
        // something went wrong!
        // NOTE(review): the helper's return value is dropped, so in
        // $onlyresultreturn mode this method returns nothing here.
        $this->returnErrorInconsDB($doCsvExport, $onlyresultreturn);
        return;
    }
    $retValues = array();
    for ($index = 0; $index < count($billIdsAndPaymentsForThatClosing); $index++) {
        $aBillId = $billIdsAndPaymentsForThatClosing[$index]['id'];
        // every bill must pass its own verification as well
        if (!$commonUtils->verifyBill($pdo, $aBillId)) {
            $this->returnErrorInconsDB($doCsvExport, $onlyresultreturn);
            return;
        }
        $billdate = $billIdsAndPaymentsForThatClosing[$index]['billdate'];
        $paymentid = $billIdsAndPaymentsForThatClosing[$index]['paymentid'];
        $userid = $billIdsAndPaymentsForThatClosing[$index]['userid'];
        $username = $billIdsAndPaymentsForThatClosing[$index]['username'];
        $status = $billIdsAndPaymentsForThatClosing[$index]['status'];
        $brutto = $billIdsAndPaymentsForThatClosing[$index]['brutto'];
        $netto = $billIdsAndPaymentsForThatClosing[$index]['netto'];
        $tax = $billIdsAndPaymentsForThatClosing[$index]['tax'];
        $ref = $billIdsAndPaymentsForThatClosing[$index]['ref'];
        $ref = ($ref == null ? " " : $ref);
        if ($status == 'c') {
            // status 'c': one line for the bill itself, labelled as cash action
            $statusTxt = $this->t['cashact'][$l]; // cash deposit / withdrawal
            $brutto = number_format($brutto, 2, $decpoint, '');
            $netto = number_format($netto, 2, $decpoint, '');
            $tax = number_format($tax, 2, $decpoint, '');
            $retValues[] = array(
                " billid " => $aBillId,
                " paidtime " => $billdate,
                " productname " => $this->t['cashaction'][$l], // cash action
                " price " => $brutto,
                " netto " => $netto,
                " tax " => number_format(0.00, 2, $decpoint, ''),
                " payment " => $paymentArray[$paymentid],
                " userid " => $userid,
                " username " => $username,
                " status " => $statusTxt,
                " ref " => $ref);
            if ($doCsvExport || $onlyresultreturn) {
                // NOTE(review): the quoting in this line looks damaged in this
                // copy of the file; left exactly as found. User name, status
                // text and reference are written without escaping embedded
                // quotes, separators or line breaks.
                $csv .= " $aBillId ; \" $billdate\ " ; \ " " . $this -> t [ 'cashaction' ][ $l ] . " \" ; \" $brutto\ " ; \ " $netto\ " ; \ " $tax\ " ; \ " $paymentArray[$paymentid] \" ; $userid ; \" $username\ " ; \ " $statusTxt\ " ; $ref\n " ;
            }
        } else {
            // other bills: one line per product; cancelled ('x') and storno ('s')
            // bills are read through %billproducts%, all others from %queue% directly
            $sql = " SELECT DISTINCT productname,price,%queue%.tax as tax FROM %queue%,%billproducts% WHERE %billproducts%.billid=? AND %billproducts%.queueid=%queue%.id ";
            if ($status == 'x') {
                $statusTxt = $this->t[" laterCancelled "][$l];
            } else if ($status == 's') {
                $statusTxt = $this->t[" storno "][$l];
            } else {
                $statusTxt = " ";
                $sql = " SELECT productname,paidtime,price,tax FROM %queue% WHERE billid=? ";
            }
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
            $stmt->execute(array($aBillId));
            $result = $stmt->fetchAll();
            foreach ($result as $zeile) {
                $productname = $zeile['productname'];
                $tax = $zeile['tax'];
                $paidtime = ($billdate == null ? " " : $billdate);
                // storno lines carry the negated price
                $price = ($status == 's' ? 0.0 - floatval($zeile['price']) : $zeile['price']);
                $netto = $price / (1 + $tax / 100.0);
                $netto = number_format($netto, 2, $decpoint, '');
                $price = number_format($price, 2, $decpoint, '');
                $formattedtax = number_format($tax, 2, $decpoint, '');
                $retValues[] = array(
                    " billid " => $aBillId,
                    " paidtime " => $paidtime,
                    " productname " => $productname,
                    " price " => $price,
                    " netto " => $netto,
                    " tax " => $formattedtax,
                    " payment " => $paymentArray[$paymentid],
                    " userid " => $userid,
                    " username " => $username,
                    " status " => $statusTxt,
                    " ref " => $ref);
                // double embedded quotes for the CSV field (done after the JSON entry was built)
                $productname = str_replace('"', '""', $productname);
                if ($doCsvExport || $onlyresultreturn) {
                    // NOTE(review): quoting looks damaged in this copy; left as
                    // found. Only the product name has its quotes doubled. If
                    // the file is opened in a spreadsheet, text fields that can
                    // start with '=', '+', '-' or '@' should be neutralised as well.
                    $csv .= " $aBillId ; \" $paidtime\ " ; \ " $productname\ " ; \ " $price\ " ; \ " $netto\ " ; \ " $formattedtax\ " ; \ " $paymentArray[$paymentid] \" ; $userid ; \" $username\ " ; \ " $statusTxt\ " ; $ref\n " ;
                }
            }
        }
    }
    if ($doCsvExport) {
        echo $csv;
    } else if ($onlyresultreturn) {
        return " Tagesabschluss-Datum: $closingdate\nBemerkung : $remark\n\ncsv -Daten: \n " . $csv;
    } else {
        echo json_encode(array(" status " => " OK ", " msg " => $retValues, " closingid " => $closingid, " closingdate " => $closingdate, " previousClosingDate " => $previousClosingDate));
    }
}
/**
 * Closing summary with the signature withheld.
 *
 * Forwards to getClosingSummaryCore() with the export-signature switch
 * fixed to false, so the signature field is removed from the closing
 * record before it is handed out.
 *
 * @param mixed $closingid id of the closing to summarise
 * @param mixed $pdo       database handle, or null to let the core method open one
 * @param mixed $fromWeb   truthy: the result is echoed as JSON; otherwise it is returned
 * @param int   $fl        passed through unchanged; the core method uses it to pick the sections to include
 * @return mixed whatever getClosingSummaryCore() returns
 */
public function getClosingSummaryWoSign($closingid, $pdo, $fromWeb, $fl = 0) {
    $withSignature = false;
    return $this->getClosingSummaryCore($closingid, $pdo, $fromWeb, $withSignature, $fl);
}
/**
 * Closing summary with the signature export requested.
 *
 * Forwards to getClosingSummaryCore() with the export-signature switch
 * fixed to true. The core method still removes the signature when
 * $fromWeb is truthy, so it is only kept for non-web callers.
 *
 * @param mixed $closingid id of the closing to summarise
 * @param mixed $pdo       database handle, or null to let the core method open one
 * @param mixed $fromWeb   truthy: the result is echoed as JSON; otherwise it is returned
 * @param int   $fl        passed through unchanged; the core method uses it to pick the sections to include
 * @return mixed whatever getClosingSummaryCore() returns
 */
public function getClosingSummary($closingid, $pdo, $fromWeb, $fl = 0) {
    $withSignature = true;
    return $this->getClosingSummaryCore($closingid, $pdo, $fromWeb, $withSignature, $fl);
}
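/**
 * Verifies the stored signature of one closing record.
 *
 * Rebuilds the signed string from the closing id, the date of the previous
 * closing, the closing's own date, its bill count and its bill sum, and
 * checks the stored signature against it with the key material delivered
 * by CommonUtils::getCert().
 *
 * @param mixed $pdo       open database handle
 * @param mixed $closingid id of the closing row to verify
 * @return int|false result of openssl_verify(): 1 = signature valid, 0 = signature
 *                   invalid, -1 or false = the verification itself failed. 0 is also
 *                   returned when no closing row with this id exists. Callers must
 *                   accept only 1; a test for "== 0" lets the error results through.
 */
public static function checkForClosingConsistency($pdo, $closingid) {
    $sql = " select id,closingdate,billcount,billsum,remark,signature from %closing% where id=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($closingid));
    $closingpart = $stmt->fetchObject();
    if (!is_object($closingpart)) {
        // fetchObject() yields false when the id matches no row. There is
        // nothing to verify then, so report "not valid" instead of reading
        // properties of a non-object and verifying a made-up string.
        return 0;
    }

    $previousClosingDate = self::getDateOfPreviousClosing($pdo, $closingid);
    // The first closing has no predecessor; the start date slot is then filled with the placeholder below.
    $startDate = is_null($previousClosingDate) ? " " : $previousClosingDate;

    $billsumstr = number_format($closingpart->billsum, 2, " . ", '');
    $billcount = $closingpart->billcount;
    $closingdate = $closingpart->closingdate;

    // Must match byte for byte the string that was signed when the closing
    // was created; any change here invalidates every stored signature.
    $data = " I( $closingid )-S( $startDate )-E( $closingdate )-D( $billcount )-S( $billsumstr ) ";

    $commonUtils = new CommonUtils();
    $pubkeyid = $commonUtils->getCert($pdo);
    // NOTE(review): getCert() is not visible here; if it can fail, its result should be checked before use — confirm.
    $ok = openssl_verify($data, $closingpart->signature, $pubkeyid);
    // openssl_free_key() is deprecated and has no effect as of PHP 8.0; kept for older runtimes.
    openssl_free_key($pubkeyid);
    return $ok;
}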
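/**
 * Builds the summary of one closing after checking its signature.
 *
 * Collects the closing row, the sums per tax/payment/status, the sums per
 * tax rate, the sums per payment type and tax rate, and the per-product
 * details of all bills that belong to the closing.
 *
 * @param mixed $closingid       id of the closing to summarise
 * @param mixed $pdo             database handle, or null to open one via $this->dbutils
 * @param mixed $fromWeb         truthy: the outcome is echoed as JSON and nothing is returned;
 *                               otherwise the summary array is returned
 * @param mixed $exportSignature truthy keeps the signature in the closing record, but only
 *                               when $fromWeb is falsy; in every other case it is removed
 * @param int   $fl              selects the sections: below 3 closing/overview/details,
 *                               from 3 additionally taxessum, from 8 additionally company
 *                               info, sums per payment and the three closshow* config values
 * @return array|null summary array for non-web callers; null when the signature check
 *                    does not succeed, and also (implicitly) for web callers
 */
public function getClosingSummaryCore($closingid, $pdo, $fromWeb, $exportSignature, $fl = 0) {
    if (is_null($pdo)) {
        $pdo = $this->dbutils->openDbAndReturnPdo();
    }

    $sql = " select id,closingdate,billcount,billsum,remark,signature from %closing% where id=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($closingid));
    $closingpart = $stmt->fetchObject();

    // Accept the closing only on an explicit "valid" result. openssl_verify()
    // reports 1 for a good signature, 0 for a bad one and -1 or false when the
    // check itself failed; comparing with "== 0" would treat -1 as success and
    // hand out figures whose signature was never verified.
    $ok = self::checkForClosingConsistency($pdo, $closingid);
    if ($ok !== 1) {
        if ($fromWeb) {
            echo json_encode(array(" status " => " ERROR ", " code " => ERROR_INCONSISTENT_DB, " msg " => ERROR_INCONSISTENT_DB_MSG));
            return;
        }
        return null;
    }

    // Brutto and netto sums of the bills, grouped by tax, payment name and status.
    $sql = " select sum(%bill%.brutto) as sum,sum(%bill%.netto) as netto,%payment%.name,%bill%.status from %bill%,%payment% where ";
    $sql .= " %bill%.closingid=? and ";
    $sql .= " %bill%.paymentid=%payment%.id ";
    $sql .= " group by %bill%.tax,%payment%.name,%bill%.status ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $overview = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // Brutto and rounded netto sums of the sold items per tax rate.
    $sql = " select %queue%.tax as t,SUM(%queue%.price) as bruttosum,ROUND(SUM(%queue%.price)/(1 + %queue%.tax/100.0),2) as nettosum ";
    $sql .= " FROM %bill%,%queue% ";
    $sql .= " WHERE %bill%.closingid=? AND %queue%.billid=%bill%.id GROUP BY t ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $taxessum = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // The same sums once more, split by each payment type used in this closing.
    $sql = " SELECT DISTINCT paymentid,name FROM %bill%,%payment% WHERE %bill%.closingid=? AND %bill%.paymentid=%payment%.id ";
    $payments = CommonUtils::fetchSqlAll($pdo, $sql, array($closingid));

    // The statement text does not depend on the payment, so it is prepared once and executed per payment.
    $sql = " select %queue%.tax as t,SUM(%queue%.price) as bruttosum,ROUND(SUM(%queue%.price)/(1 + %queue%.tax/100.0),2) as nettosum ";
    $sql .= " FROM %bill%,%queue% ";
    $sql .= " WHERE %bill%.closingid=? AND %queue%.billid=%bill%.id AND %bill%.paymentid=? GROUP BY t ";
    $paymentStmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));

    $paymenttaxes = array();
    foreach ($payments as $aPayment) {
        $paymentStmt->execute(array($closingid, $aPayment[" paymentid "]));
        $paymenttaxessum = $paymentStmt->fetchAll(PDO::FETCH_ASSOC);
        $paymenttaxes[] = array(" payment " => $aPayment[" name "], " paymenttaxessum " => $paymenttaxessum);
    }

    // Count and price sum per product/tax/price, restricted to bills whose status is null.
    $sql = " select count(%queue%.productname) as count,%queue%.productname,%queue%.price,%queue%.tax as tax,sum(%queue%.price) as sumprice ";
    $sql .= " from %queue%,%bill% where ";
    $sql .= " %queue%.billid=%bill%.id AND %bill%.closingid=? AND ";
    $sql .= " %bill%.status is null ";
    $sql .= " group by %queue%.productname,%queue%.tax,%queue%.price ";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($closingid));
    $details = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // The signature leaves this method only for non-web callers that asked for it.
    if (!$exportSignature || $fromWeb) {
        unset($closingpart->signature);
    }

    if ($fl >= 8) {
        $closshowci = CommonUtils::getConfigValue($pdo, 'closshowci', 1);
        $closshowpaytaxes = CommonUtils::getConfigValue($pdo, 'closshowpaytaxes', 1);
        $closshowprods = CommonUtils::getConfigValue($pdo, 'closshowprods', 1);
        $companyinfo = CommonUtils::getConfigValue($pdo, 'companyinfo', '');
        $retVal = array(
            " closing " => $closingpart,
            " overview " => $overview,
            " details " => $details,
            " taxessum " => $taxessum,
            " companyinfo " => $companyinfo,
            " paymenttaxessum " => $paymenttaxes,
            " closshowci " => $closshowci,
            " closshowpaytaxes " => $closshowpaytaxes,
            " closshowprods " => $closshowprods,
        );
    } else if ($fl >= 3) {
        $retVal = array(" closing " => $closingpart, " overview " => $overview, " details " => $details, " taxessum " => $taxessum);
    } else {
        $retVal = array(" closing " => $closingpart, " overview " => $overview, " details " => $details);
    }

    if ($fromWeb) {
        echo json_encode(array(" status " => " OK ", " msg " => $retVal));
    } else {
        return $retVal;
    }
}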
}
?>