< ? php
require_once ( 'dbutils.php' );
require_once ( 'utilities/Emailer.php' );
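/**
 * JSON command endpoint for table reservations.
 *
 * Every command is gated on the session flags checked in
 * isUserAlreadyLoggedInForPhpAndMayReserve(). Request values are taken from
 * $_POST / $_GET without validation and reach the database only through bound
 * statement parameters.
 *
 * NOTE(review): no anti-CSRF token is checked in this class; confirm that the
 * calling entry point enforces one for the state-changing commands.
 * NOTE(review): change/delete act on any reservation id; no per-creator check
 * is visible here, so the "right_reservation" flag is the only access control.
 */
class Reservation {
    /** Instance of DbUtils; used to open connections and resolve table placeholders. */
    public $dbutils;

    public function __construct() {
        $this->dbutils = new DbUtils();
    }

    /**
     * Dispatches one command and echoes its response.
     *
     * @param string $command one of createReservation, getReservations,
     *                        changeReservation, delReservation, emailConfirmReservation
     */
    public function handleCommand($command) {
        if (!$this->isUserAlreadyLoggedInForPhpAndMayReserve()) {
            echo json_encode(array(" status " => " ERROR ", " code " => ERROR_RES_NOT_AUTHOTRIZED, " msg " => ERROR_RES_NOT_AUTHOTRIZED_MSG));
            return;
        }

        // switch compares loosely, exactly like the == chain it replaces.
        switch ($command) {
            case 'createReservation':
                list($day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark, $tableid) = self::postedReservationFields();
                $this->createReservation($day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark, $tableid);
                break;
            case 'getReservations':
                $this->getReservations(
                    self::requestValue($_GET, 'day'),
                    self::requestValue($_GET, 'month'),
                    self::requestValue($_GET, 'year')
                );
                break;
            case 'changeReservation':
                list($day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark, $tableid) = self::postedReservationFields();
                $this->changeReservation(self::requestValue($_POST, 'id'), $day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark, $tableid);
                break;
            case 'delReservation':
                $this->delReservation(self::requestValue($_POST, 'id'));
                break;
            case 'emailConfirmReservation':
                $this->emailConfirmReservation(self::requestValue($_POST, 'to'), self::requestValue($_POST, 'msg'));
                break;
            default:
                echo " Kommando nicht unterstuetzt. ";
        }
    }

    /**
     * Tells whether the current session is logged in and holds the reservation right.
     *
     * Starts the session when none is active yet.
     *
     * @return mixed false when not logged in or the right is not set,
     *               otherwise the stored 'right_reservation' value
     */
    public function isUserAlreadyLoggedInForPhpAndMayReserve() {
        if (session_id() == '') {
            session_start();
        }
        if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
            return false;
        }
        // A missing right is treated as "not allowed" instead of raising a notice.
        return isset($_SESSION['right_reservation']) ? $_SESSION['right_reservation'] : false;
    }

    /**
     * Returns $source[$key], or null when the request did not send it.
     *
     * Avoids undefined-index warnings being printed into the JSON response.
     */
    private static function requestValue(array $source, $key) {
        return isset($source[$key]) ? $source[$key] : null;
    }

    /**
     * Reads the reservation fields from $_POST in the order the create/change
     * methods expect them (day ... tableid).
     */
    private static function postedReservationFields() {
        $keys = array('day', 'month', 'year', 'start', 'name', 'email', 'persons', 'duration', 'phone', 'remark', " tableid ");
        $values = array();
        foreach ($keys as $key) {
            $values[] = self::requestValue($_POST, $key);
        }
        return $values;
    }

    /** Maps a non-positive table id to null, i.e. "no table assigned". */
    private static function normalizeTableId($tableid) {
        if ($tableid <= 0) {
            return null;
        }
        return $tableid;
    }

    /** Zero-pads day and month and builds the date string used in the DATE(scheduledate) filters. */
    private static function buildScheduledDate($day, $month, $year) {
        $day = sprintf(" %02s ", $day);
        $month = sprintf(" %02s ", $month);
        return " $year - $month - $day ";
    }

    /**
     * Rolls back an open transaction and echoes the generic database error.
     *
     * rollBack() is skipped when no transaction is active (for example when
     * beginTransaction() itself failed), so the error response is still sent.
     */
    private static function rollBackAndReportDbError($pdo) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_GENERAL_DB_NOT_READABLE, " msg " => ERROR_GENERAL_DB_NOT_READABLE_MSG));
    }

    /**
     * Inserts a reservation created by the session user and echoes the status.
     *
     * All values are bound as statement parameters; the date parts are not
     * validated here.
     */
    private function createReservation($day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark, $tableid) {
        $userid = $_SESSION['userid'];
        date_default_timezone_set(DbUtils::getTimeZone());
        $currentTime = date('Y-m-d H:i:s');
        $scheduledDate = " $year - $month - $day 00:00:00 ";
        $tableid = self::normalizeTableId($tableid);

        $pdo = DbUtils::openDbAndReturnPdoStatic();
        try {
            $pdo->beginTransaction();
            $sql = " INSERT INTO `%reservations%` (
                `id` , `creator` , `creationdate` , `scheduledate` , `name` , `email` , `starttime` , `duration` , `persons` , `phone` , `remark` , `tableid` )
                VALUES (
                NULL , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? ) ";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($userid, $currentTime, $scheduledDate, $name, $email, $start, $duration, $persons, $phone, $remark, $tableid));
            $pdo->commit();
            echo json_encode(array(" status " => " OK "));
        } catch (PDOException $e) {
            self::rollBackAndReportDbError($pdo);
        }
    }

    /**
     * Overwrites reservation $id with the given values and echoes the status.
     *
     * The creator and creation date are replaced by the session user and the
     * current time.
     */
    private function changeReservation($id, $day, $month, $year, $start, $name, $email, $persons, $duration, $phone, $remark, $tableid) {
        $userid = $_SESSION['userid'];
        date_default_timezone_set(DbUtils::getTimeZone());
        $currentTime = date('Y-m-d H:i:s');
        $scheduledDate = " $year - $month - $day 00:00:00 ";
        // createReservation stores a non-positive table id as NULL; do the same
        // here so both write paths leave the same representation in the table.
        $tableid = self::normalizeTableId($tableid);

        $pdo = DbUtils::openDbAndReturnPdoStatic();
        try {
            $pdo->beginTransaction();
            $sql = " UPDATE `%reservations%` SET creator=?,creationdate=?,scheduledate=?,name=?,email=?,starttime=?,duration=?,persons=?,phone=?,remark=?,tableid=? WHERE id=? ";
            CommonUtils::execSql($pdo, $sql, array($userid, $currentTime, $scheduledDate, $name, $email, $start, $duration, $persons, $phone, $remark, $tableid, $id));
            $pdo->commit();
            echo json_encode(array(" status " => " OK "));
        } catch (PDOException $e) {
            self::rollBackAndReportDbError($pdo);
        }
    }

    /** Deletes reservation $id and echoes the status. */
    private function delReservation($id) {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        try {
            $pdo->beginTransaction();
            $sql = " DELETE FROM `%reservations%` WHERE id=? ";
            CommonUtils::execSql($pdo, $sql, array($id));
            $pdo->commit();
            echo json_encode(array(" status " => " OK "));
        } catch (PDOException $e) {
            self::rollBackAndReportDbError($pdo);
        }
    }

    /**
     * Sends the confirmation text to $toEmail through Emailer::sendEmail().
     *
     * Recipient and message both come from the request. A recipient that is not
     * a string or contains CR/LF is refused before the mailer is called, so the
     * value cannot carry extra header lines.
     * NOTE(review): any session with the reservation right can send arbitrary
     * text to an arbitrary address; consider restricting the recipient to the
     * address stored with the reservation.
     */
    private function emailConfirmReservation($toEmail, $msg) {
        if (!is_string($toEmail) || preg_match('/[\r\n]/', $toEmail)) {
            echo json_encode(" ERROR ");
            return;
        }

        // first find sender email
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $msg = str_replace(" \n ", " \r \n ", $msg);
        $topictxt = " Reservierungsbestätigung \r \n ";
        if (Emailer::sendEmail($pdo, $msg, $toEmail, $topictxt)) {
            echo json_encode(" OK ");
        } else {
            echo json_encode(" ERROR ");
        }
    }

    /**
     * Echoes the reservations of one day, sorted by time and grouped by table,
     * together with the room/table overview for new reservations.
     */
    private function getReservations($day, $month, $year) {
        $pdo = DbUtils::openDbAndReturnPdoStatic();

        // REM* the many sortings in the sql allow the sorting by time, room-sort and table-sort
        $sql = " SELECT R.id,U.username as username,creationdate,scheduledate,starttime,name,email,persons,duration,phone,remark,tableid, ";
        $sql .= " IF(tableid is null,'-1',(SELECT RO.id as roomid FROM %room% RO,%resttables% T WHERE T.id=tableid AND T.roomid=RO.id)) as roomid, ";
        $sql .= " IF(tableid is null,'-1',(SELECT RO.sorting as roomsorting FROM %room% RO,%resttables% T WHERE T.id=tableid AND T.roomid=RO.id)) as roomsorting, ";
        $sql .= " IF(tableid is null,'-1',(SELECT T.sorting as tablesorting FROM %room% RO,%resttables% T WHERE T.id=tableid AND T.roomid=RO.id)) as tablesorting ";
        $sql .= " FROM %reservations% R,%user% U ";
        $sql .= " WHERE DATE(scheduledate)=? AND R.creator=U.id ";
        $timeSortedReservations = $this->getReservationsCore($pdo, $day, $month, $year, $sql . " ORDER BY starttime,roomsorting,tablesorting ");

        // REM* and now by table
        $sql = " SELECT DISTINCT R.tableid as tableid,ROOM.id as roomid,ROOM.sorting as roomsorting,T.sorting as tablesorting FROM %reservations% R,%room% ROOM,%resttables% T ";
        $sql .= " WHERE DATE(scheduledate)=? AND tableid is not null AND tableid >= '0' ";
        $sql .= " AND R.tableid = T.id AND T.roomid=ROOM.id ";
        $sql .= " ORDER BY ROOM.sorting,T.sorting ";
        $scheduledDate = self::buildScheduledDate($day, $month, $year);
        $allTablesOfResAtThatDate = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate));

        // The room id is bound as a parameter instead of being concatenated into
        // the statement text, so the statement is the same for every table and
        // a stored value can never be parsed as SQL.
        $perTableSql = " SELECT R.id,U.username as creator,creationdate,scheduledate,starttime as start,name as guest,email,persons,duration,(starttime + duration) as endhour, ";
        $perTableSql .= " phone,remark,tableid,? as roomid ";
        $perTableSql .= " FROM %reservations% R,%user% U ";
        $perTableSql .= " WHERE DATE(scheduledate)=? AND R.creator=U.id AND tableid=? ";
        $perTableSql .= " ORDER BY starttime ";

        $byTables = array();
        foreach ($allTablesOfResAtThatDate as $tableRes) {
            $allResOfThatTable = CommonUtils::fetchSqlAll($pdo, $perTableSql, array($tableRes[" roomid "], $scheduledDate, $tableRes[" tableid "]));
            $byTables[] = array(" tableid " => $tableRes[" tableid "], " roomid " => $tableRes[" roomid "], " reservations " => $allResOfThatTable);
        }

        // REM* these were all reservations by table at the given date. Let's add all reservations without a table assignment
        $sql = " SELECT R.id,U.username as creator,creationdate,scheduledate,starttime as start,name as guest,email,persons,duration,(starttime + duration) as endhour, ";
        $sql .= " phone,remark,'-1' as tableid,'-1' as roomid ";
        $sql .= " FROM %reservations% R,%user% U ";
        $sql .= " WHERE DATE(scheduledate)=? AND R.creator=U.id AND (tableid is null OR tableid='-1') ";
        $sql .= " ORDER BY starttime ";
        $allResOfUndefinedTable = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate));
        if (count($allResOfUndefinedTable) > 0) {
            $byTables[] = array(" tableid " => '-1', " roomid " => '-1', " reservations " => $allResOfUndefinedTable);
        }

        $msg = array(" bytimes " => $timeSortedReservations, " bytables " => $byTables);

        // REM* now attach a list of rooms and tables to select for new reservations
        $tableoverview = self::gettablesoverview($pdo);
        echo json_encode(array(" status " => " OK ", " msg " => $msg, " tableoverview " => $tableoverview));
    }

    /**
     * Runs $sql for the given date and reshapes each row for the client.
     *
     * Uses the connection passed in by the caller rather than opening a second one.
     *
     * @return array list of reservation records; empty when the query fails
     */
    private function getReservationsCore($pdo, $day, $month, $year, $sql) {
        $scheduledDate = self::buildScheduledDate($day, $month, $year);

        try {
            $result = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate));
            $resArray = array();
            foreach ($result as $row) {
                // scheduledate is split into its date part and then into year, month and day.
                $datetimeparts = explode(" ", $row['scheduledate']);
                $thedate = $datetimeparts[0];
                $thedateparts = explode(" - ", $thedate);

                $resArray[] = array(
                    " id " => $row['id'],
                    " creator " => $row['username'],
                    " creationdate " => $row['creationdate'],
                    " day " => $thedateparts[2],
                    " month " => $thedateparts[1],
                    " year " => $thedateparts[0],
                    " start " => $row['starttime'],
                    " guest " => $row['name'],
                    " email " => $row['email'],
                    " persons " => $row['persons'],
                    " duration " => $row['duration'],
                    " phone " => $row['phone'],
                    " remark " => $row['remark'],
                    " roomid " => $row['roomid'],
                    " tableid " => $row['tableid']
                );
            }
            return $resArray;
        } catch (PDOException $e) {
            return array();
        }
    }

    /**
     * Lists the rooms that still have tables, each with its tables.
     *
     * @return array map of room id to room record; empty when a query fails
     */
    private static function gettablesoverview($pdo) {
        try {
            $tableoverview = array();
            // REM* get only the rooms with not removed tables (active flag is ignored because it may be that the room is active at date for reservation)
            $sql = " SELECT R.id as roomid,R.roomname as roomname,IFNULL(R.abbreviation,'') as abbreviation from %room% R WHERE R.removed is null HAVING (SELECT COUNT(id) FROM %resttables% T WHERE T.roomid=R.id AND T.removed is null) > 0 ORDER BY sorting ";
            $rooms = CommonUtils::fetchSqlAll($pdo, $sql);
            foreach ($rooms as $aRoom) {
                $sql = " SELECT id,tableno as tablename FROM %resttables% WHERE roomid=? ORDER BY sorting ";
                $tablesOfRoom = CommonUtils::fetchSqlAll($pdo, $sql, array($aRoom['roomid']));
                $tableoverview[$aRoom['roomid']] = array(" roomid " => $aRoom['roomid'], " roomname " => $aRoom[" roomname "], " roomabbreviation " => $aRoom[" abbreviation "], " tables " => $tablesOfRoom);
            }
            return $tableoverview;
        } catch (Exception $ex) {
            return array();
        }
    }
}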