2020-11-19 22:47:44 +01:00
< ? php
// Datenbank-Verbindungsparameter
require_once ( 'dbutils.php' );
require_once ( 'commonutils.php' );
require_once ( 'admin.php' );
require_once ( 'reports.php' );
2020-11-19 22:52:25 +01:00
require_once ( 'utilities/pdfexport.php' );
require_once ( '3rdparty/phpexcel/classes/PHPExcel.php' );
2020-11-19 22:47:44 +01:00
define ( 'FPDF_FONTPATH' , '3rdparty/fpdf/font/' );
2020-11-19 22:52:25 +01:00
define ( 'DO_EXCEL' , 1 );
define ( 'DO_CSV' , 2 );
2020-11-19 22:47:44 +01:00
class Bill {
var $dbutils ;
var $t ;
private $P_SUM = array ( " Summe: " , " Sum: " , " Todo: " );
private $P_TOTAL = array ( " Total " , " Total " , " Total " );
private $P_MWST = array ( " MwSt " , " Tax " , " IVA " );
private $P_NETTO = array ( " Netto " , " Net " , " Neto " );
private $P_BRUTTO = array ( " Brutto " , " Gross " , " Bruto " );
private $P_ID = array ( " Id: " , " Id: " , " Id: " );
private $P_TABLE = array ( " Tisch: " , " Table: " , " Mesa: " );
private $P_WAITER = array ( " Es bediente Sie: " , " Waiter: " , " Camarero: " );
private $P_NO = array ( " Anz. " , " No. " , " Nú. " );
private $P_DESCR = array ( " Beschreibung " , " Description " , " Descripción " );
private $P_PRICE = array ( " Preis " , " Price " , " Precio " );
function __construct () {
$this -> dbutils = new DbUtils ();
require_once 'translations.php' ;
}
function handleCommand ( $command ) {
if ( $command == 'exportCsv' ) {
if ( $this -> hasCurrentUserAdminOrManagerRights ()) {
// yes, we can export the data
2020-11-19 22:52:25 +01:00
$this -> exportCsv ( $_GET [ 'startMonth' ], $_GET [ 'startYear' ], $_GET [ 'endMonth' ], $_GET [ 'endYear' ], DO_CSV );
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_NOT_AUTHOTRIZED , " msg " => ERROR_BILL_NOT_AUTHOTRIZED_MSG ));
}
return ;
}
if ( $command == 'exportXlsx' ) {
if ( $this -> hasCurrentUserAdminOrManagerRights ()) {
// yes, we can export the data
$this -> exportCsv ( $_GET [ 'startMonth' ], $_GET [ 'startYear' ], $_GET [ 'endMonth' ], $_GET [ 'endYear' ], DO_EXCEL );
2020-11-19 22:47:44 +01:00
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_NOT_AUTHOTRIZED , " msg " => ERROR_BILL_NOT_AUTHOTRIZED_MSG ));
}
return ;
}
if ( $command == 'exportPdfReport' ) {
if ( $this -> hasCurrentUserAdminOrManagerRights ()) {
$this -> exportPdfReport ( $_GET [ 'lang' ], $_GET [ 'startMonth' ], $_GET [ 'startYear' ], $_GET [ 'endMonth' ], $_GET [ 'endYear' ]);
} else {
echo " Benutzer nicht berechtigt " ;
}
return ;
}
if ( $command == 'exportPdfSummary' ) {
if ( $this -> hasCurrentUserAdminOrManagerRights ()) {
$this -> exportPdfSummary ( $_GET [ 'lang' ], $_GET [ 'startMonth' ], $_GET [ 'startYear' ], $_GET [ 'endMonth' ], $_GET [ 'endYear' ]);
} else {
echo " Benutzer nicht berechtigt " ;
}
return ;
}
if ( $command == 'exportCsvOfClosing' ) {
if ( $this -> hasCurrentUserAdminOrManagerRights ()) {
// yes, we can export the data
2020-11-19 22:52:25 +01:00
$this -> exportCsvOfClosing ( $_GET [ 'closingid' ], DO_CSV );
2020-11-19 22:47:44 +01:00
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_MANAGER_NOT_AUTHOTRIZED , " msg " => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG ));
}
return ;
}
2020-11-19 22:52:25 +01:00
if ( $command == 'exportXlsxOfClosing' ) {
if ( $this -> hasCurrentUserAdminOrManagerRights ()) {
// yes, we can export the data
$this -> exportCsvOfClosing ( $_GET [ 'closingid' ], DO_EXCEL );
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_MANAGER_NOT_AUTHOTRIZED , " msg " => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG ));
}
return ;
}
2020-11-19 22:47:44 +01:00
if ( $command == 'doCashAction' ) {
if ( $this -> hasCurrentUserPaydeskRights ()) {
$this -> doCashAction ( $_POST [ 'money' ]);
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_PAYDESK_NOT_AUTHOTRIZED , " msg " => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG ));
}
return ;
} else if ( $command == 'getCashOverviewOfUser' ) {
if ( $this -> hasCurrentUserPaydeskRights ()) {
$this -> getCashOverviewOfUser ();
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_PAYDESK_NOT_AUTHOTRIZED , " msg " => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG ));
}
return ;
}
if ( $this -> hasCurrentUserBillRights ()) {
if ( $command == 'getLastBillsWithContent' ) {
$this -> getLastBillsWithContent ( $_GET [ 'day' ], $_GET [ 'month' ], $_GET [ 'year' ]);
} else if ( $command == 'cancelBill' ) {
2020-11-19 22:52:25 +01:00
$this -> cancelBill ( $_POST [ 'billid' ], $_POST [ 'stornocode' ], $_POST [ 'reason' ]);
2020-11-19 22:47:44 +01:00
}
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_NOT_AUTHOTRIZED , " msg " => ERROR_BILL_NOT_AUTHOTRIZED_MSG ));
}
}
// for internal request
private function hasCurrentUserBillRights () {
session_start ();
if ( ! isset ( $_SESSION [ 'angemeldet' ]) || ! $_SESSION [ 'angemeldet' ]) {
// no user logged in
return false ;
} else {
return ( $_SESSION [ 'right_bill' ]);
}
}
private function hasCurrentUserPaydeskRights () {
session_start ();
if ( ! isset ( $_SESSION [ 'angemeldet' ]) || ! $_SESSION [ 'angemeldet' ]) {
// no user logged in
return false ;
} else {
return ( $_SESSION [ 'right_paydesk' ]);
}
}
// for internal request
private function hasCurrentUserAdminOrManagerRights () {
session_start ();
if ( ! isset ( $_SESSION [ 'angemeldet' ]) || ! $_SESSION [ 'angemeldet' ]) {
// no user logged in
return false ;
} else {
return ( $_SESSION [ 'right_manager' ] || $_SESSION [ 'is_admin' ]);
}
}
/**
* get the content of a bill ( to be used for printserver etc . )
*
* @ param unknown $billid
*/
function getBillWithId ( $billid , $language , $printer ) {
set_time_limit ( 120 );
$pdo = $this -> dbutils -> openDbAndReturnPdo ();
// is bill correct with signature?
$commonUtils = new CommonUtils ();
$correct = $commonUtils -> verifyBill ( $pdo , $billid );
if ( ! $correct ) {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_INCONSISTENT_DB , " msg " => ERROR_INCONSISTENT_DB_MSG ));
return ;
}
// first: get the bill overall data
// is the bill for a table or togo
$sql = " SELECT tableid FROM %bill% WHERE id=? " ;
$stmt = $pdo -> prepare ( DbUtils :: substTableAlias ( $sql ));
$stmt -> execute ( array ( $billid ));
$row = $stmt -> fetchObject ();
$sql = " SELECT count(id) as countid FROM %queue% WHERE billid=? " ;
$stmt = $pdo -> prepare ( DbUtils :: substTableAlias ( $sql ));
$stmt -> execute ( array ( $billid ));
$qrow = $stmt -> fetchObject ();
if ( $qrow -> countid == 0 ) {
if ( $row -> tableid == 0 ) {
// togo
$sql = " SELECT DISTINCT billdate,brutto,netto,'-' as tablename,username,host FROM %bill%,%user% WHERE %bill%.id=? AND userid=%user%.id AND tableid='0' " ;
} else {
$sql = " SELECT DISTINCT billdate,brutto,netto,tableno as tablename,username,host FROM %bill%,%user%,%resttables% WHERE %bill%.id=? AND userid=%user%.id AND tableid=%resttables%.id " ;
}
} else {
if ( $row -> tableid == 0 ) {
// togo
$sql = " SELECT DISTINCT billdate,brutto,netto,'-' as tablename,username,host FROM %bill%,%user%,%queue% WHERE %bill%.id=? AND %bill%.id=%queue%.billid AND userid=%user%.id AND tableid='0' AND paidtime is not null " ;
} else {
$sql = " SELECT DISTINCT billdate,brutto,netto,tableno as tablename,username,host FROM %bill%,%user%,%resttables%,%queue% WHERE %bill%.id=? AND %bill%.id=%queue%.billid AND userid=%user%.id AND tableid=%resttables%.id AND paidtime is not null " ;
}
}
$stmt = $pdo -> prepare ( DbUtils :: substTableAlias ( $sql ));
$stmt -> execute ( array ( $billid ));
$row = $stmt -> fetchObject ();
if ( $row == null ) {
// no rows found -> deliver no content
echo json_encode ( array ( " billoverallinfo " => array ()));
return ;
} else {
if ( is_null ( $row -> host )) {
$host = 0 ; // default
} else {
$host = $row -> host ;
}
$thetimedate = $row -> billdate ;
$thetimedate_arr = explode ( ' ' , $thetimedate );
$thedate = $thetimedate_arr [ 0 ];
$datearr = explode ( '-' , $thedate );
$day = sprintf ( " %02s " , $datearr [ 2 ]);
$month = sprintf ( " %02s " , $datearr [ 1 ]);
$year = sprintf ( " %04s " , $datearr [ 0 ]);
$thetime = $thetimedate_arr [ 1 ];
$thetimearr = explode ( ':' , $thetime );
$hour = $thetimearr [ 0 ];
$min = $thetimearr [ 1 ];
$thetimedate = " $day . $month . $year $hour : $min " ;
$billoverallinfo = array (
" id " => $billid ,
" billdate " => $thetimedate ,
" billday " => $day ,
" billmonth " => $month ,
" billyear " => $year ,
" billhour " => $hour ,
" billmin " => $min ,
" brutto " => $row -> brutto ,
" netto " => $row -> netto ,
" table " => $row -> tablename ,
" username " => $row -> username ,
" printer " => $printer ,
" host " => $host
);
$billtranslations = array (
" sum " => $this -> P_SUM [ $language ],
" total " => $this -> P_TOTAL [ $language ],
" mwst " => $this -> P_MWST [ $language ],
" netto " => $this -> P_NETTO [ $language ],
" brutto " => $this -> P_BRUTTO [ $language ],
" id " => $this -> P_ID [ $language ],
" table " => $this -> P_TABLE [ $language ],
" waiter " => $this -> P_WAITER [ $language ],
" no " => $this -> P_NO [ $language ],
" descr " => $this -> P_DESCR [ $language ],
" price " => $this -> P_PRICE [ $language ]
);
}
// now get all products of this bill
$sql = " select productname,price,%pricelevel%.name as pricelevelname,count(%queue%.productname) as count from %bill%,%queue%,%pricelevel% where %bill%.id=? and %queue%.billid=%bill%.id AND paidtime is not null AND %queue%.pricelevel = %pricelevel%.id group by productname,price,pricelevelname " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $billid ));
$result = $stmt -> fetchAll ();
$prodarray = array ();
foreach ( $result as $zeile ) {
$prodarray [] = array ( " count " => $zeile [ 'count' ],
" productname " => $zeile [ 'productname' ],
" pricelevel " => $zeile [ 'pricelevelname' ],
" price " => $zeile [ 'price' ]
);
}
$sql = " select tax,round(sum(price) - sum(price / (1.0 + tax/100.0)),2) as mwst, round(sum(price / (1.0 + tax/100.0)),2) as netto, sum(price) as brutto FROM %queue% WHERE billid=? group by tax ORDER BY tax " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $billid ));
$result = $stmt -> fetchAll ( PDO :: FETCH_OBJ );
$out = array ( " billoverallinfo " => $billoverallinfo , " translations " => $billtranslations , " products " => $prodarray , " taxes " => $result );
return $out ;
}
/*
* insert or take out cash money . The direction done by sign of $money value
*/
private function doCashAction ( $money ) {
// current time
date_default_timezone_set ( DbUtils :: getTimeZone ());
$currentTime = date ( 'Y-m-d H:i:s' );
$pdo = $this -> dbutils -> openDbAndReturnPdo ();
$pdo -> beginTransaction ();
$sql = " SELECT sum(brutto) as bruttosum FROM %bill% WHERE closingid is null AND paymentid='1' " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ();
$row = $stmt -> fetchObject ();
if ( $row != null ) {
$sum = $row -> bruttosum ;
if ( is_null ( $sum )) {
// no transaction after last closing
$sum = 0.0 ;
}
if (( $sum + floatval ( $money )) >= 0.0 ) {
// Test if it is allowed to insert new bill as storno bill or if manipulation has happened
$nextbillid = $this -> testForNewBillIdAndUpdateWorkTable ( $pdo );
if ( $nextbillid < 0 ) {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_INCONSISTENT_DB , " msg " => ERROR_INCONSISTENT_DB_MSG ));
$pdo -> rollBack ();
}
$userId = $this -> getUserId ();
// now calculate the signature for the bill entry
$commonUtils = new CommonUtils ();
$signature = $commonUtils -> calcSignatureForBill ( $pdo , $currentTime , $money , $money , 0.0 , $userId );
$sql = " INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tax`,`tableid`, `status`, `paymentid`,`userid`,`ref`,`signature`) VALUES ( ?, ? , ?,?,?, ?, 'c', ?,?,?,?) " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $nextbillid , $currentTime , $money , $money , '0.00' , - 1 , 1 , $userId , NULL , $signature ));
$pdo -> commit ();
echo json_encode ( array ( " status " => " OK " ));
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_LESS_MONEY_TO_TAKE_OUT , " msg " => ERROR_BILL_LESS_MONEY_TO_TAKE_OUT_MSG ));
}
} else {
$pdo -> rollBack ();
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_GENERAL_PAYDESK_SUM , " msg " => ERROR_GENERAL_PAYDESK_SUM_MSG ));
return ;
}
}
/*
* User may ask what money he should have in his pocket by serving the guests . If the inserts and
* take outs are in in his waiter paydesk then this value is of interest , too . Return both .
*/
function getCashOverviewOfUser () {
$userId = $this -> getUserId ();
// without cash insert and cash takeout
$onlyCashByGuests = 0.0 ;
$pdo = $this -> dbutils -> openDbAndReturnPdo ();
$sql = " SELECT sum(brutto) as sumtotal FROM %bill% WHERE closingid is null AND status is null AND paymentid=1 AND userid=' $userId ' " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ();
$row = $stmt -> fetchObject ();
if ( $row != null ) {
if ( $row -> sumtotal != null ) {
$onlyCashByGuests = $row -> sumtotal ;
}
}
// with cash
$cashByGuestsAndInsertTakeOut = 0.0 ;
$sql = " SELECT sum(brutto) as sumtotal FROM %bill% WHERE closingid is null AND paymentid='1' AND userid=' $userId ' AND (status is null OR status ='c') " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ();
$row = $stmt -> fetchObject ();
if ( $row != null ) {
if ( $row -> sumtotal != null ) {
$cashByGuestsAndInsertTakeOut = $row -> sumtotal ;
}
}
echo json_encode ( array ( " guestmoney " => $onlyCashByGuests , " total " => $cashByGuestsAndInsertTakeOut ));
}
2020-11-19 22:54:51 +01:00
function getLastBillsWithContent ( $day , $month , $year ) {
2020-11-19 22:47:44 +01:00
date_default_timezone_set ( DbUtils :: getTimeZone ());
$currentTime = date ( 'Y-m-d H:i:s' );
$startDate = " $year - $month - $day 00:00:00 " ;
$endDate = " $year - $month - $day 23:59:59 " ;
$whenClause = " (billdate >= ? AND billdate <= ?) " ;
// search for the bill language
$pdo = $this -> dbutils -> openDbAndReturnPdo ();
$admin = new Admin ();
$genValues = $admin -> getGeneralConfigItems ( false , $pdo );
$l = $genValues [ 'billlanguage' ];
$commonUtils = new CommonUtils ();
$sql = " SELECT id,billdate,brutto,tableid,closingid,status FROM %bill% WHERE tableid >= '0' AND status is null AND $whenClause ORDER BY billdate DESC " ;
$stmt = $pdo -> prepare ( DbUtils :: substTableAlias ( $sql ));
$stmt -> execute ( array ( $startDate , $endDate ));
$result = $stmt -> fetchAll ();
$resultarray = array ();
foreach ( $result as $zeile ) {
$theId = $zeile [ 'id' ];
if ( ! $commonUtils -> verifyBill ( $pdo , $theId )) {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_INCONSISTENT_DB , " msg " => ERROR_INCONSISTENT_DB_MSG ));
return ;
}
date_default_timezone_set ( DbUtils :: getTimeZone ());
$date = new DateTime ( $zeile [ 'billdate' ]);
$shortdate = $date -> format ( 'H:i' );
$closingID = $zeile [ 'closingid' ];
$isClosed = ( is_null ( $closingID ) ? 0 : 1 );
$arr = array ( " id " => $theId ,
" longdate " => $zeile [ 'billdate' ],
" shortdate " => $shortdate ,
" brutto " => $zeile [ 'brutto' ],
2020-11-19 22:54:51 +01:00
" tablename " => $commonUtils -> getTableNameFromId ( $pdo , $zeile [ 'tableid' ]),
2020-11-19 22:47:44 +01:00
" billcontent " => $this -> getBillWithId ( $theId , $l , 0 ),
" isClosed " => $isClosed
);
$resultarray [] = $arr ;
}
// insert also the host-html just in case it is needed
$hosthtml = file_get_contents ( " ../customer/bon-bewirtungsvorlage.html " );
ob_start ();
echo json_encode ( array ( " status " => " OK " , " code " => OK , " msg " => $resultarray , " hosthtml " => $hosthtml ));
ob_end_flush ();
}
private function getUserId () {
if ( session_id () == '' ) {
session_start ();
}
return $_SESSION [ 'userid' ];
}
/**
* Test if it is allowed to insert new bill as storno bill or if manipulation has happened
*
* Returns ( - 1 ) in case of an error , a positive return value is the new id , ( which is already updated in work table )
*/
private function testForNewBillIdAndUpdateWorkTable ( $pdo ) {
$commonUtils = new CommonUtils ();
$sql = " SELECT MAX(id) as maxbillid FROM %bill% " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ();
$row = $stmt -> fetchObject ();
$nextbillid = intval ( $row -> maxbillid ) + 1 ;
if ( ! $commonUtils -> verifyLastBillId ( $pdo , $nextbillid )) {
return ( - 1 );
} else {
// ok - then increment that last id in the work table
$commonUtils -> setLastBillIdInWorkTable ( $pdo , $nextbillid );
return $nextbillid ;
}
}
/*
* Cancel a bill - set all queue items to not paid and drop the bill entry
*/
2020-11-19 22:52:25 +01:00
private function cancelBill ( $billid , $stornocode , $reason ) {
2020-11-19 22:54:51 +01:00
$pdo = DbUtils :: openDbAndReturnPdoStatic ();
2020-11-19 22:47:44 +01:00
// current time
date_default_timezone_set ( DbUtils :: getTimeZone ());
$currentTime = date ( 'Y-m-d H:i:s' );
// check if stornocode is correct
2020-11-19 22:54:51 +01:00
$sql = " SELECT count(id) as countid,setting FROM %config% WHERE name='stornocode' " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ();
$row = $stmt -> fetchObject ();
$numberOfVals = $row -> countid ;
2020-11-19 22:47:44 +01:00
if ( $numberOfVals != 1 ) {
// stornocode not fixed
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_NOT_STORNO_CODE , " msg " => ERROR_BILL_NOT_STORNO_CODE_MSG ));
return ;
}
2020-11-19 22:54:51 +01:00
$stornocodeInDb = $row -> setting ;
2020-11-19 22:47:44 +01:00
if ( $stornocode != $stornocodeInDb ) {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_WRONG_STORNO_CODE , " msg " => ERROR_BILL_WRONG_STORNO_CODE_MSG ));
return ;
}
if ( ! is_numeric ( $billid )) {
// this may be an attack...
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_WRONG_NUMERIC_VALUE , " msg " => ERROR_BILL_WRONG_NUMERIC_VALUE_MSG ));
return ;
}
// Do transactional cancel
$pdo -> beginTransaction ();
// is the bill already closed? In this case no cancel is allowed!
$sql = " SELECT brutto,netto,tax,tableid,closingid,status,paymentid FROM %bill% WHERE id=? " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $billid ));
$row = $stmt -> fetchObject ();
$closingId = null ;
if ( $row != null ) {
$closingId = $row -> closingid ;
// save the next data for a copy!
$brutto = $row -> brutto ;
$netto = $row -> netto ;
$tax = $row -> tax ;
$tableid = $row -> tableid ;
$status = $row -> status ;
$paymentid = $row -> paymentid ;
}
if ( ! is_null ( $closingId ) || ( $status == 's' ) || ( $status == 'x' )) {
// no cancel possible anymore!
$pdo -> rollBack ();
if (( $status == 's' ) || ( $status == 'x' )) {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_ALREADY_CANCELLED , " msg " => ERROR_BILL_ALREADY_CANCELLED_MSG ));
} else {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_BILL_ALREADY_CLOSED , " msg " => ERROR_BILL_ALREADY_CLOSED_MSG ));
}
return ;
}
// is bill correct with signature?
$commonUtils = new CommonUtils ();
$correct = $commonUtils -> verifyBill ( $pdo , $billid );
if ( ! $correct ) {
$pdo -> rollBack ();
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_INCONSISTENT_DB , " msg " => ERROR_INCONSISTENT_DB_MSG ));
return ;
}
// Test if it is allowed to insert new bill as storno bill or if manipulation has happened
$nextbillid = $this -> testForNewBillIdAndUpdateWorkTable ( $pdo );
if ( $nextbillid < 0 ) {
echo json_encode ( array ( " status " => " ERROR " , " code " => ERROR_INCONSISTENT_DB , " msg " => ERROR_INCONSISTENT_DB_MSG ));
$pdo -> rollBack ();
return ;
}
// 0. find the queueitems that are related to that bill
$sql = " SELECT id FROM %queue% WHERE billid=? " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $billid ));
$result = $stmt -> fetchAll ();
$queueIdArray = array ();
foreach ( $result as $row ) {
$queueIdArray [] = $row [ 'id' ];
}
// 1. clear connection between queue item and bill
$sql = " UPDATE %queue% SET paidtime=null,billid=null WHERE billid=? " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $billid ));
// 2. copy bill with negativ brutto as part of storno
$userIdOfStornoUser = $this -> getUserId ();
$stornval = 0.0 - floatval ( $brutto );
$stornonettoval = 0.0 - floatval ( $netto );
$commonUtils = new CommonUtils ();
$signature = $commonUtils -> calcSignatureForBill ( $pdo , $currentTime , $stornval , $stornonettoval , $tax , $userIdOfStornoUser );
$sql = " INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tax`,`tableid`, `status`, `paymentid`,`userid`,`ref`,`host`,`signature`) VALUES ( ?, ? , ?, ?,?,?, 's', ?,?,?,?,?) " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $nextbillid , $currentTime , $stornval , $stornonettoval , $tax , $tableid , $paymentid , $userIdOfStornoUser , $billid , 0 , $signature ));
$refIdOfStornoEntry = $pdo -> lastInsertId ();
// 3. mark bill as part of storno
$sql = " UPDATE %bill% SET status='x', closingid=null, ref=? WHERE id=? " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( $refIdOfStornoEntry , $billid ));
2020-11-19 22:52:25 +01:00
if ( ! is_null ( $reason ) && ( $reason != " " )) {
$sql = " UPDATE %bill% SET reason=? WHERE id=? " ;
$stmt = $pdo -> prepare ( DbUtils :: substTableAlias ( $sql ));
$stmt -> execute ( array ( $reason , $billid ));
}
2020-11-19 22:47:44 +01:00
// 4. now put the queue items into the billproducts so that later storno is evaluable
foreach ( $queueIdArray as $aQueueid ) {
$billProdsSql = " INSERT INTO `%billproducts%` (`queueid` , `billid`) VALUES ( ?,?) " ;
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $billProdsSql ));
$stmt -> execute ( array ( $aQueueid , $refIdOfStornoEntry ));
}
$pdo -> commit ();
// end of transactional cancel
echo json_encode ( array ( " status " => " OK " , " code " => OK ));
return ;
}
private function exportPdfReport ( $startMonth , $startYear , $endMonth , $endYear ) {
$pdfExport = new PdfExport ();
$pdfExport -> exportPdfReport ( $_GET [ 'lang' ], $_GET [ 'startMonth' ], $_GET [ 'startYear' ], $_GET [ 'endMonth' ], $_GET [ 'endYear' ]);
}
private function exportPdfSummary ( $startMonth , $startYear , $endMonth , $endYear ) {
$pdfExport = new PdfExport ();
$pdfExport -> exportPdfSummary ( $_GET [ 'lang' ], $_GET [ 'startMonth' ], $_GET [ 'startYear' ], $_GET [ 'endMonth' ], $_GET [ 'endYear' ]);
}
2020-11-19 22:52:25 +01:00
private function exportCsv ( $startMonth , $startYear , $endMonth , $endYear , $exportType ) {
$this -> exportCsv_bin ( $startMonth , $startYear , $endMonth , $endYear , null , $exportType );
2020-11-19 22:47:44 +01:00
}
/*
* Method to export data of a special closing
*/
2020-11-19 22:52:25 +01:00
private function exportCsvOfClosing ( $closingid , $exportFormat ) {
$this -> exportCsv_bin ( null , null , null , null , $closingid , $exportFormat );
2020-11-19 22:47:44 +01:00
}
private function getDecPoint () {
$sql = " SELECT name,setting FROM %config% WHERE name=? " ;
$pdo = $this -> dbutils -> openDbAndReturnPdo ();
$stmt = $pdo -> prepare ( $this -> dbutils -> resolveTablenamesInSqlString ( $sql ));
$stmt -> execute ( array ( " decpoint " ));
$row = $stmt -> fetchObject ();
return ( $row -> setting );
}
2020-11-19 22:52:25 +01:00
private function exportCsv_bin ( $startMonth , $startYear , $endMonth , $endYear , $onlyClosingId , $exportFormat ) {
if ( session_id () == '' ) {
session_start ();
}
2020-11-19 22:47:44 +01:00
$l = $_SESSION [ 'language' ];
$commonUtils = new CommonUtils ();
$currency = $commonUtils -> getCurrency ();
2020-11-19 22:52:25 +01:00
$decpoint = " . " ;
$formatCode = " 0.00 " ;
2020-11-19 22:47:44 +01:00
if ( $onlyClosingId == null ) {
if ( $startMonth < 10 ) {
$startMonth = " 0 " . $startMonth ;
}
if ( $endMonth < 10 ) {
$endMonth = " 0 " . $endMonth ;
}
$startDate = $startYear . " - " . $startMonth . " -01 00:00:00 " ;
// now find last day of month of end date!
2020-11-19 22:52:25 +01:00
$endDate = $endYear . " - " . $endMonth . " -01 " ;
2020-11-19 22:47:44 +01:00
$lastdayOfMonth = date ( " t " , strtotime ( $endDate ));
$endDate = $endYear . " - " . $endMonth . " - " . $lastdayOfMonth . " 23:59:59 " ;
}
2020-11-19 22:52:25 +01:00
$objPHPExcel = new PHPExcel ();
PHPExcel_Settings :: setZipClass ( PHPExcel_Settings :: PCLZIP );
$locale = 'De' ;
if ( $l == 1 ) {
$locale = 'En' ;
} else if ( $l == 2 ) {
$locale = 'Es' ;
}
$validLocale = PHPExcel_Settings :: setLocale ( $locale );
$objPHPExcel -> getProperties ()
-> setCreator ( " OrderSprinter " )
-> setLastModifiedBy ( $_SESSION [ 'currentuser' ])
-> setTitle ( " OrderSprinter Umsatzdatenexport " )
-> setSubject ( " OrderSprinter Umsatzdatenexport " )
-> setDescription ( " Umsätze " )
-> setKeywords ( " OrderSprinter Umsätze " )
-> setCategory ( " OrderSprinter Datenexport " );
$objWorksheet = $objPHPExcel -> getActiveSheet ();
$allcells = array ();
$firstRow = array (
$this -> t [ 'ID' ][ $l ],
$this -> t [ 'Date' ][ $l ],
$this -> t [ 'Brutto' ][ $l ] . " ( $currency ) " ,
$this -> t [ 'Netto' ][ $l ] . " ( $currency ) " ,
$this -> t [ 'State' ][ $l ],
$this -> t [ 'Ref' ][ $l ],
$this -> t [ 'host' ][ $l ],
$this -> t [ 'reason' ][ $l ],
$this -> t [ 'Userid' ][ $l ],
$this -> t [ 'User' ][ $l ]);
2020-11-19 22:47:44 +01:00
if ( $onlyClosingId == null ) {
2020-11-19 22:52:25 +01:00
$firstRow [] = $this -> t [ 'ClosId' ][ $l ];
$firstRow [] = $this -> t [ 'ClosDate' ][ $l ];
$firstRow [] = $this -> t [ 'PayWay' ][ $l ];
$firstRow [] = $this -> t [ 'ClosRemark' ][ $l ];
} else {
2020-11-19 22:47:44 +01:00
// closing id is know - do not output unnecessary info
2020-11-19 22:52:25 +01:00
$firstRow [] = $this -> t [ 'PayWay' ][ $l ];
2020-11-19 22:47:44 +01:00
}
2020-11-19 22:52:25 +01:00
$lineLength = count ( $firstRow );
$allcells [] = $firstRow ;
2020-11-19 22:47:44 +01:00
$billIdsForThatClosing = array ();
$payment_lang = array ( " name " , " name_en " , " name_esp " );
$payment_col = $payment_lang [ $l ];
2020-11-19 22:52:25 +01:00
$pdo = DbUtils :: openDbAndReturnPdoStatic ();
$sql = " SELECT DISTINCT %bill%.id,%bill%.signature,billdate,brutto,netto,IF(tax is not null, tax, '0.00') as tax,status,closingdate,remark,%bill%.host,%bill%.closingid,%payment%. $payment_col as payway,userid,ref,username,IF(%bill%.reason is not null,reason,'') as reason FROM %bill%,%closing%,%payment%,%user% " ;
2020-11-19 22:47:44 +01:00
$sql .= " WHERE closingid is not null AND %bill%.closingid=%closing%.id " ;
$sql .= " AND %bill%.paymentid=%payment%.id " ;
if ( $onlyClosingId == null ) {
// search for time span
2020-11-19 22:52:25 +01:00
$sql .= " AND %bill%.billdate BETWEEN ? AND ? " ;
2020-11-19 22:47:44 +01:00
} else {
// search for a special closing id
2020-11-19 22:52:25 +01:00
$sql .= " AND closingid=? " ;
2020-11-19 22:47:44 +01:00
}
$sql .= " AND %bill%.userid = %user%.id " ;
$sql .= " ORDER BY billdate " ;
2020-11-19 22:52:25 +01:00
$stmt = $pdo -> prepare ( DbUtils :: substTableAlias ( $sql ));
2020-11-19 22:47:44 +01:00
2020-11-19 22:52:25 +01:00
if ( $onlyClosingId == null ) {
$stmt -> execute ( array ( $startDate , $endDate ));
} else {
$stmt -> execute ( array ( $onlyClosingId ));
}
$dbresult = $stmt -> fetchAll ();
foreach ( $dbresult as $zeile ) {
2020-11-19 22:47:44 +01:00
$billid = $zeile [ 'id' ];
$billdate = $zeile [ 'billdate' ];
2020-11-19 22:52:25 +01:00
2020-11-19 22:47:44 +01:00
$brutto_orig = $zeile [ 'brutto' ];
$netto_orig = $zeile [ 'netto' ];
$tax_orig = $zeile [ 'tax' ];
2020-11-19 22:52:25 +01:00
2020-11-19 22:47:44 +01:00
$brutto = str_replace ( " . " , $decpoint , $brutto_orig );
$netto = str_replace ( " . " , $decpoint , $netto_orig );
$tax = str_replace ( " . " , $decpoint , $tax_orig );
$signature = $zeile [ 'signature' ];
$status = $zeile [ 'status' ];
2020-11-19 22:52:25 +01:00
if ( $status == 'x' ) {
$status = $this -> t [ " laterCancelled " ][ $l ];
} else if ( $status == 's' ) {
$status = $this -> t [ " storno " ][ $l ];
} else if ( $status == 'c' ) {
2020-11-19 22:47:44 +01:00
$status = $this -> t [ " cashact " ][ $l ];
} else {
$status = " " ;
}
$ref = ( $zeile [ 'ref' ] == null ? " " : $zeile [ 'ref' ]);
$userid = $zeile [ 'userid' ];
$username = $zeile [ 'username' ];
$closingid = $zeile [ 'closingid' ];
$closingdate = $zeile [ 'closingdate' ];
2020-11-19 22:52:25 +01:00
$remark = $zeile [ 'remark' ];
$paymentname = $zeile [ 'payway' ];
2020-11-19 22:47:44 +01:00
$host = ( $zeile [ 'host' ] == 1 ? " x " : " - " );
2020-11-19 22:52:25 +01:00
$reason = $zeile [ 'reason' ];
2020-11-19 22:47:44 +01:00
if ( ! $commonUtils -> verifyBillByValues ( null , $billdate , $brutto_orig , $netto_orig , $tax_orig , $userid , $signature )) {
echo " Inconsistent Data Base Content! \n " ;
return ;
}
2020-11-19 22:52:25 +01:00
2020-11-19 22:47:44 +01:00
if ( $billid == null ) {
$billid = " - " ;
}
2020-11-19 22:52:25 +01:00
2020-11-19 22:47:44 +01:00
if ( $onlyClosingId == null ) {
2020-11-19 22:52:25 +01:00
$line = array ( $billid , $billdate , $brutto , $netto , $status , $ref , $host , $reason , $userid , $username , $closingid , $closingdate , $paymentname , $remark );
2020-11-19 22:47:44 +01:00
} else {
2020-11-19 22:52:25 +01:00
$line = array ( $billid , $billdate , $brutto , $netto , $status , $ref , $host , $reason , $userid , $username , $paymentname );
}
$allcells [] = $line ;
}
$objWorksheet -> fromArray (
$allcells , // The data to set
NULL , // Array values with this value will not be set
'A1' // Top left coordinate of the worksheet range where
);
$lastChar = chr ( ord ( 'A' ) + $lineLength - 1 );
$range = " A1: $lastChar " . " 1 " ;
$objWorksheet -> getStyle ( $range ) -> getFill ()
-> setFillType ( PHPExcel_Style_Fill :: FILL_SOLID )
-> getStartColor () -> setARGB ( 'FFadf6aa' );
$range = " A2: " . $lastChar . count ( $allcells );
$objWorksheet -> getStyle ( $range ) -> getFill ()
-> setFillType ( PHPExcel_Style_Fill :: FILL_SOLID )
-> getStartColor () -> setARGB ( 'FFd6edf8' );
for ( $i = 1 ; $i < count ( $allcells ); $i ++ ) {
$aVal = $objWorksheet -> getCell ( 'C' . ( $i + 1 )) -> getValue ();
$objWorksheet -> getCell ( 'C' . ( $i + 1 )) -> setValueExplicit ( $aVal , PHPExcel_Cell_DataType :: TYPE_NUMERIC );
$objWorksheet -> getStyle ( 'C' . ( $i + 1 )) -> getNumberFormat () -> setFormatCode ( $formatCode );
$aVal = $objWorksheet -> getCell ( 'D' . ( $i + 1 )) -> getValue ();
$objWorksheet -> getCell ( 'D' . ( $i + 1 )) -> setValueExplicit ( $aVal , PHPExcel_Cell_DataType :: TYPE_NUMERIC );
$objWorksheet -> getStyle ( 'D' . ( $i + 1 )) -> getNumberFormat () -> setFormatCode ( $formatCode );
}
if ( $exportFormat == DO_CSV ) {
header ( " Content-type: text/x-csv " );
header ( " Content-Disposition: attachment; filename= \" ordersprinter-datenexport.csv \" " );
header ( " Cache-Control: max-age=0 " );
$objWriter = new PHPExcel_Writer_CSV ( $objPHPExcel );
} else {
header ( " Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet " );
header ( " Content-Disposition: attachment; filename= \" ordersprinter-datenexport.xlsx \" " );
header ( " Cache-Control: max-age=0 " );
$objWriter = PHPExcel_IOFactory :: createWriter ( $objPHPExcel , 'Excel5' );
}
$objWriter -> save ( " php://output " );
$objPHPExcel -> disconnectWorksheets ();
unset ( $objPHPExcel );
2020-11-19 22:47:44 +01:00
}
}
?>
