< ? php
// Datenbank-Verbindungsparameter
require_once ( 'dbutils.php' );
require_once ( 'globals.php' );
require_once ( 'utilities/TypeAndProducts/TypeAndProductFileManager.php' );
require_once ( 'utilities/userrights.php' );
require_once ( 'utilities/HistFiller.php' );
require_once ( 'utilities/basedb.php' );
require_once ( 'utilities/decimaldefs.php' );
require_once ( 'utilities/sorter.php' );
require_once ( 'utilities/Logger.php' );
require_once ( 'utilities/Emailer.php' );
require_once ( 'utilities/version.php' );
require_once ( 'hotelinterface.php' );
class Admin {
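public $dbutils;
public $userrights;
public $histfiller;
private static $timezone = null;

/*
 * Access-control table consulted by checkRights() before any command is dispatched.
 * A command that has no entry here is rejected outright, so this table is the
 * allow-list of the endpoint.
 *
 *   "loggedin" => 1  the session must be marked as logged in
 *   "isadmin"  => 1  the session must additionally carry the admin flag
 *   "rights"         null, or a list of named rights of which one must be held
 *
 * NOTE(review): getUserList and getRoleList are reachable without a session
 * ("loggedin" => 0). If they only feed the login screen that may be intended,
 * but it exposes the account list to unauthenticated callers - confirm.
 * NOTE(review): autobackup / autoftpbackup are reachable without a session and
 * appear to rely on the 'remoteaccesscode' check inside backup()/ftpbackup(),
 * which are not visible here - confirm that check is mandatory and constant-time.
 */
private static $rights = array(
    "createNewUser" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "createNewRole" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "updateUser" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "updateRole" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "deleteUser" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "deleteRole" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "changepassword" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "changeConfig" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "readlogo" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "deletelogo" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "getCurrentUser" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "tryAuthenticate" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    // handleCommand() dispatches 'logout', but without an entry here checkRights()
    // answers ERROR_COMMAND_NOT_FOUND and the session can never be ended on request.
    "logout" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "setLastModuleOfUser" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getViewAfterLogin" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "isUserAlreadyLoggedIn" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "isLoggedinUserAdmin" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "isLoggedinUserKitchen" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "isLoggedinUserBar" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "isLoggedinUserAdminOrManagerOrTE" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "hasUserPaydeskRight" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getJsonMenuItemsAndVersion" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "getUserList" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "getRoleList" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "setTime" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "changeOwnPassword" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setUserLanguage" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setUserReceiptPrinter" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setBtnSize" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getGeneralConfigItems" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getWaiterSettings" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPayPrintType" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPayments" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "autobackup" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "autoftpbackup" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "shutdown" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "optimize" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "ftpbackup" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "backup" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "restore" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "golive" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "drop" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "fill" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "fillSpeisekarte" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "assignTaxes" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "getDbStat" => array("loggedin" => 1, "isadmin" => 1, "rights" => null),
    "exportConfigCsv" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "exportUserCsv" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "exportLog" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "setOrderVolume" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setPreferTableMap" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setKeepTypeLevel" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setMobileTheme" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setApplyExtrasBtnPos" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setTablesAfterSend" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setPreferimgdesk" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setPreferimgmobile" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setPrefershowplusminus" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "setPreferfixbtns" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getOrderVolume" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getButtonSizes" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPreferTableMap" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getKeepTypeLevel" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getMobileTheme" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getApplyExtrasBtnPos" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getTablesAfterSend" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPreferimgdesk" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPreferimgmobile" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPrefershowplusminus" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getPreferfixbtns" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "isInstalled" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "isPrinterServerActive" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getWaiterMessage" => array("loggedin" => 1, "isadmin" => 0, "rights" => null),
    "getmobilecss" => array("loggedin" => 0, "isadmin" => 0, "rights" => null),
    "getprinterinstances" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "setprinterinstances" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("manager_or_admin")),
    "getdashreports" => array("loggedin" => 1, "isadmin" => 0, "rights" => array("dash")),
    "getDailycode" => array("loggedin" => 1, "isadmin" => 0, "rights" => null)
);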
/**
 * Create the three helper objects this class keeps as instance state.
 */
public function __construct() {
    $this->dbutils    = new DbUtils();
    $this->userrights = new Userrights();
    $this->histfiller = new HistFiller();
}
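/**
 * Authorisation gate: decide whether the current session may run $command.
 *
 * Starts the session if none is active, looks the command up in self::$rights
 * and checks, in this order: the command is known, the session is logged in
 * (when "loggedin" or "isadmin" is 1), the session is admin (when "isadmin"
 * is 1), and the session holds one of the named rights (when "rights" is a list).
 * On every rejection a JSON error object is echoed and false is returned.
 *
 * Session flags are read with empty() so that a missing key counts as
 * "not granted" instead of raising an undefined-index notice, which could
 * otherwise end up in front of the JSON answer.
 *
 * @param string $command command name as received from the client
 * @return bool true if the command may be executed
 */
private static function checkRights($command) {
    if (session_id() == '') {
        session_start();
    }

    // Unknown commands are denied: the table is an allow-list.
    if (!array_key_exists($command, self::$rights)) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_FOUND, "msg" => ERROR_COMMAND_NOT_FOUND_MSG));
        return false;
    }
    $cmdRights = self::$rights[$command];

    $needsLogin = ($cmdRights["loggedin"] == 1) || ($cmdRights["isadmin"] == 1);
    if ($needsLogin && empty($_SESSION['angemeldet'])) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
        return false;
    }

    if (($cmdRights["isadmin"] == 1) && empty($_SESSION['is_admin'])) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_ADMIN, "msg" => ERROR_COMMAND_NOT_ADMIN_MSG));
        return false;
    }

    if (!is_null($cmdRights["rights"])) {
        // One matching right is sufficient; right names other than the two
        // handled below never grant access.
        foreach ($cmdRights["rights"] as $aRight) {
            if ($aRight == 'manager_or_admin') {
                if (!empty($_SESSION['is_admin']) || !empty($_SESSION['right_manager'])) {
                    return true;
                }
            } else if ($aRight == 'dash') {
                if (!empty($_SESSION['right_dash'])) {
                    return true;
                }
            }
        }
        echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
        return false;
    }
    return true;
}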
/**
 * Entry point of the admin endpoint: authorise $command, then dispatch it.
 *
 * checkRights() runs first; when it rejects the command this method returns
 * false and nothing is dispatched. Otherwise the matching handler is called
 * and the method returns nothing. Handlers write their own answer.
 *
 * Request parameters are taken from $_POST / $_GET as they arrive and handed
 * to the handlers unvalidated, so each handler is responsible for validating
 * what it receives; a missing parameter raises an undefined-index notice here.
 *
 * NOTE(review): 'autobackup' and 'autoftpbackup' need no session according to
 * the rights table; they appear to be protected only by the 'remoteaccesscode'
 * value passed to backup()/ftpbackup() - confirm in those methods.
 *
 * @param string $command command name as received from the client
 * @return false|null false when the rights check fails
 */
function handleCommand($command) {
    if (!self::checkRights($command)) {
        return false;
    }

    switch ($command) {
        // --- login / session state ---
        case 'tryAuthenticate':
            $this->tryAuthenticate($_POST['userid'], $_POST['password'], $_POST['modus'], $_POST['day'], $_POST['month'], $_POST['year'], $_POST['hour'], $_POST['minute'], $_POST["time"]);
            break;
        case 'setLastModuleOfUser':
            $this->setLastModuleOfUser($_POST['view']);
            break;
        case 'getViewAfterLogin':
            $this->getViewAfterLogin();
            break;
        case 'isUserAlreadyLoggedIn':
            $this->isUserAlreadyLoggedIn();
            break;
        case 'logout':
            $this->logout();
            break;
        case 'getCurrentUser':
            $this->getCurrentUser();
            break;
        case 'isLoggedinUserAdmin':
            $this->isLoggedinUserAdmin();
            break;
        case 'isLoggedinUserKitchen':
            $this->isLoggedinUserKitchen();
            break;
        case 'isLoggedinUserBar':
            $this->isLoggedinUserBar();
            break;
        case 'isLoggedinUserAdminOrManagerOrTE':
            $this->isLoggedinUserAdminOrManagerOrTE();
            break;
        case 'hasUserPaydeskRight':
            $this->hasUserPaydeskRight();
            break;
        case 'getJsonMenuItemsAndVersion':
            $this->getJsonMenuItemsAndVersion();
            break;

        // --- users, roles, passwords ---
        case 'getUserList':
            $this->getUserList();
            break;
        case 'getRoleList':
            $this->getRoleList();
            break;
        case 'setTime':
            $this->setTime($_POST['day'], $_POST['month'], $_POST['year'], $_POST['hour'], $_POST['minute']);
            break;
        case 'createNewUser':
            $this->createNewUser();
            break;
        case 'createNewRole':
            $this->createNewRole();
            break;
        case 'updateUser':
            $this->updateUser();
            break;
        case 'updateRole':
            $this->updateRole();
            break;
        case 'deleteUser':
            $this->deleteUser($_POST['userid']);
            break;
        case 'deleteRole':
            $this->deleteRole($_POST['roleid']);
            break;
        case 'changepassword':
            $this->changepassword($_POST['userid'], $_POST['password']);
            break;
        case 'changeOwnPassword':
            $this->changeOwnPassword($_POST['oldPass'], $_POST['newPass']);
            break;

        // --- per-user and general settings ---
        case 'setUserLanguage':
            $this->setUserLanguage($_POST['language']);
            break;
        case 'setUserReceiptPrinter':
            $this->setUserReceiptPrinter($_POST['printer']);
            break;
        case 'setBtnSize':
            $this->setBtnSize($_POST['btn'], $_POST['size']);
            break;
        case 'changeConfig':
            $this->changeConfig($_POST['changed']);
            break;
        case 'readlogo':
            $this->readlogo();
            break;
        case 'deletelogo':
            $this->deletelogo();
            break;
        case 'getGeneralConfigItems':
            $this->getGeneralConfigItems(true, null);
            break;
        case 'getWaiterSettings':
            $this->getWaiterSettings();
            break;
        case 'getPayPrintType':
            $this->getPayPrintType();
            break;
        case 'getPayments':
            $this->getPayments();
            break;

        // --- backup and maintenance ---
        case 'autobackup':
            $this->backup('auto', $_POST['remoteaccesscode']);
            break;
        case 'autoftpbackup':
            $this->ftpbackup('auto', $_POST['remoteaccesscode']);
            break;
        case 'fill':
            $this->fillSampleContent();
            echo json_encode(array("status" => "OK"));
            break;
        case 'fillSpeisekarte':
            $this->fillSpeisekarte($_POST['speisekarte']);
            break;
        case 'backup':
            $this->backup($_GET['type'], null);
            return;
        case 'ftpbackup':
            $this->ftpbackup($_GET['type'], null);
            return;
        case 'restore':
            $this->restore();
            return;
        case 'golive':
            $this->golive();
            return;
        case 'shutdown':
            $this->shutdown();
            return;
        case 'optimize':
            $this->optimize();
            return;
        case 'assignTaxes':
            $this->assignTaxes($_POST['food'], $_POST['drinks']);
            return;

        // --- exports: the manager/admin right is checked a second time here ---
        case 'exportConfigCsv':
            if ($this->isCurrentUserAdmin() || $this->hasCurrentUserRight('right_manager')) {
                $this->exportConfigCsv();
            }
            break;
        case 'exportUserCsv':
            if ($this->isCurrentUserAdmin() || $this->hasCurrentUserRight('right_manager')) {
                $this->exportUserCsv();
            }
            break;
        case 'exportLog':
            if ($this->isCurrentUserAdmin() || $this->hasCurrentUserRight('right_manager')) {
                $this->exportLog();
            }
            break;

        // --- UI preference setters: the login state is checked a second time ---
        case 'setOrderVolume':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setOrderVolume($_POST['volume']);
            }
            break;
        case 'setPreferTableMap':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setPreferTableMap($_POST['prefertablemap']);
            }
            break;
        case 'setPreferimgdesk':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setPreferimgdesk($_POST['preferredvalue']);
            }
            break;
        case 'setPreferimgmobile':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setPreferimgmobile($_POST['preferredvalue']);
            }
            break;
        case 'setPrefershowplusminus':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setShowplusminus($_POST['preferredvalue']);
            }
            break;
        case 'setPreferfixbtns':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setPreferfixbtns($_POST['preferredvalue']);
            }
            break;
        case 'setKeepTypeLevel':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setKeepTypeLevel($_POST['keeptypelevel']);
            }
            break;
        case 'setMobileTheme':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setMobileTheme($_POST['mobiletheme']);
            }
            break;
        case 'setApplyExtrasBtnPos':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setExtrasApplyBtnPos($_POST['applyextrasbtnpos']);
            }
            break;
        case 'setTablesAfterSend':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->setTablesAfterSend($_POST['tablesaftersend']);
            }
            break;

        // --- UI preference getters ---
        case 'getOrderVolume':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getOrderVolume();
            }
            break;
        case 'getButtonSizes':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getButtonSizes();
            }
            break;
        case 'getPreferTableMap':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getPreferTableMap();
            }
            break;
        case 'getPreferimgdesk':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getPreferimgdesk();
            }
            break;
        case 'getPreferimgmobile':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getPreferimgmobile();
            }
            break;
        case 'getPrefershowplusminus':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getShowplusminus();
            }
            break;
        case 'getPreferfixbtns':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getPreferfixbtns();
            }
            break;
        case 'getKeepTypeLevel':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getKeepTypeLevel();
            }
            break;
        case 'getmobilecss':
            $this->getmobilecss();
            break;
        case 'getMobileTheme':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getMobileTheme();
            }
            break;
        case 'getApplyExtrasBtnPos':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getApplyExtrasBtnPos();
            }
            break;
        case 'getTablesAfterSend':
            if ($this->isUserAlreadyLoggedInForPhp()) {
                $this->getTablesAfterSend();
            }
            break;

        // --- status, printers, reports ---
        case 'isInstalled':
            $this->isInstalled();
            break;
        case 'isPrinterServerActive':
            $this->isPrinterServerActive();
            break;
        case 'getWaiterMessage':
            $this->getWaiterMessage();
            break;
        case 'getDbStat':
            $this->getDbStat();
            break;
        case 'getprinterinstances':
            $this->getPrinterInstances();
            break;
        case 'setprinterinstances':
            $this->setprinterinstances($_POST["k1"], $_POST["k2"], $_POST["k3"], $_POST["k4"], $_POST["k5"], $_POST["k6"], $_POST["f1"], $_POST["f2"], $_POST["d1"], $_POST["d2"]);
            break;
        case 'getdashreports':
            $this->getdashreports();
            break;
        case 'getDailycode':
            $this->getDailycode();
            break;

        // Listed in the rights table but without a handler above.
        default:
            echo "Command not supported.";
            break;
    }
}
/**
 * Report whether the installation has been completed.
 *
 * Echoes the JSON string "Yes" only when the constant INSTALLSTATUS is
 * defined and is not 'new'. A missing constant or the value 'new' (fresh
 * or overwritten code that still has to be installed/updated) yields "No".
 */
private function isInstalled() {
    $done = defined('INSTALLSTATUS') && !(INSTALLSTATUS == 'new');
    echo json_encode($done ? "Yes" : "No");
}
/**
 * Tell the client whether the print server has been seen recently.
 *
 * Every call first runs the hotel-interface and guest synchronisation on the
 * opened connection. Afterwards it echoes {"status":"OK","msg":1} (active)
 * or {"status":"OK","msg":0} (not active):
 *  - config value 'payprinttype' other than "s": always active
 *  - no 'lastprtserveraccess' row in the work table: not active
 *  - otherwise active only if the stored timestamp is at most 20 s old
 */
private function isPrinterServerActive() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    Hotelinterface::hs3sync($pdo);
    Guestsync::sync($pdo);

    $maxSilence = 20;
    $replyActive = json_encode(array("status" => "OK", "msg" => 1));
    $replyInactive = json_encode(array("status" => "OK", "msg" => 0));

    // Only print mode "s" depends on the print server being reachable.
    if (CommonUtils::getConfigValue($pdo, 'payprinttype', "s") != "s") {
        echo $replyActive;
        return;
    }

    $countStmt = $pdo->prepare(DbUtils::substTableAlias("SELECT count(id) as countid FROM %work% WHERE item=?"));
    $countStmt->execute(array('lastprtserveraccess'));
    $countRow = $countStmt->fetchObject();
    if ($countRow->countid == 0) {
        // The print server has never reported in.
        echo $replyInactive;
        return;
    }

    $valueStmt = $pdo->prepare(DbUtils::substTableAlias("SELECT value FROM %work% WHERE item=?"));
    $valueStmt->execute(array('lastprtserveraccess'));
    $valueRow = $valueStmt->fetchObject();
    $lastSeen = $valueRow->value;

    date_default_timezone_set(DbUtils::getTimeZone());
    $clock = new DateTime();
    $silentFor = $clock->getTimestamp() - $lastSeen;

    echo ($silentFor > $maxSilence) ? $replyInactive : $replyActive;
}
/**
 * Server-side login check: starts the session if none is active and returns
 * whether it carries a truthy 'angemeldet' (logged in) flag.
 *
 * @return bool
 */
function isUserAlreadyLoggedInForPhp() {
    if (session_id() == '') {
        session_start();
    }
    $loggedIn = isset($_SESSION['angemeldet']) && $_SESSION['angemeldet'];
    return $loggedIn ? true : false;
}
/**
 * Client-facing login check: starts the session if none is active and echoes
 * the JSON string "YES" when the 'angemeldet' (logged in) flag is set and
 * truthy, "NO" otherwise.
 */
function isUserAlreadyLoggedIn() {
    if (session_id() == '') {
        session_start();
    }
    $loggedIn = isset($_SESSION['angemeldet']) && $_SESSION['angemeldet'];
    echo json_encode($loggedIn ? "YES" : "NO");
}
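/**
 * End the current session and answer with the JSON string "OK".
 *
 * The session is attached first if it is not active yet, then emptied and
 * destroyed in every case. Destroying it only when no session was active
 * would leave the login flags and rights in place whenever a session had
 * already been started earlier in the request.
 */
function logout() {
    if (session_id() == '') {
        session_start();
    }
    // Drop the in-memory copy as well, so nothing later in this request
    // can still read the old login state.
    $_SESSION = array();
    session_destroy();
    echo json_encode("OK");
}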
/**
 * True when the rating right is the only right a user holds.
 *
 * @param array $rightArr      values of all other rights
 * @param mixed $right_rating  value of the rating right
 * @param mixed $comparisonVal value that means "granted" (loose comparison)
 * @return bool false as soon as any entry of $rightArr is granted; otherwise
 *              whether $right_rating is granted
 */
static function isOnlyRatingUser($rightArr, $right_rating, $comparisonVal) {
    foreach ($rightArr as $otherRight) {
        if ($otherRight == $comparisonVal) {
            return false;
        }
    }
    return ($right_rating == $comparisonVal);
}
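/**
 * Check a user id / password pair and, on success, populate the session.
 *
 * Flow:
 *  1. If checkIsLoginAllowed() refuses (too many recent failures), log the
 *     attempt and answer {"status":"WAIT"}.
 *  2. Load the active user joined with its role; exactly one row must match.
 *  3. Compare the MD5 of the supplied password with the stored hash.
 *  4. Failure: log, count the failed attempt, answer {"status":"NO"}.
 *  5. Success: renew the session id, store identity, rights and preferences
 *     in $_SESSION, reset the failure counter and answer {"status":"YES",...}.
 *
 * Changes compared with the previous body:
 *  - the hash comparison is strict/constant-time instead of '=='; a loose
 *    comparison treats two different hashes that both look like numbers in
 *    exponent notation as equal
 *  - a non-string password is rejected instead of being passed to md5()
 *  - the session id is renewed at login, so an id known before the login
 *    does not carry over into the authenticated session
 *
 * NOTE(review): the stored hash is unsalted MD5, which does not protect the
 * passwords if the user table leaks. Moving to password_hash()/password_verify()
 * also needs changes where hashes are written, which is outside this method.
 * NOTE(review): $userid is written into the log message unmodified; confirm
 * that Logger neutralises line breaks and control characters.
 *
 * $day, $month, $year, $hour and $minute are accepted but not used here.
 *
 * @param mixed  $userid   id of the user row
 * @param string $password clear-text password from the client
 * @param mixed  $modus    stored in the session as 'modus'
 * @param mixed  $unixtime client time; only used to report a clock difference
 */
function tryAuthenticate($userid, $password, $modus, $day, $month, $year, $hour, $minute, $unixtime) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    if (!self::checkIsLoginAllowed($pdo, $userid)) {
        Logger::logcmd("admin", "authentication", "Login with id $userid failed");
        echo json_encode(array("status" => "WAIT"));
        return;
    }

    $sql = "SELECT *,%user%.id as id FROM %user%,%roles% WHERE %user%.id=? AND active='1' AND %user%.roleid=%roles%.id";
    $result = CommonUtils::fetchSqlAll($pdo, $sql, array($userid));

    $authenticated = false;
    $zeile = null;
    if (count($result) == 1) {
        $zeile = $result[0];
        if (is_string($password)) {
            $storedHash = (string) $zeile['userpassword'];
            $givenHash = md5($password);
            // hash_equals() is not available on every PHP version this code
            // may run on; '===' still avoids the loose-comparison problem.
            $authenticated = function_exists('hash_equals')
                ? hash_equals($storedHash, $givenHash)
                : ($storedHash === $givenHash);
        }
    }

    if (!$authenticated) {
        Logger::logcmd("admin", "authentication", "Login with id $userid failed");
        self::increaseFailedLogins($pdo, $userid);
        echo json_encode(array("status" => "NO"));
        return;
    }

    // Tell the client when its clock is more than two hours off the server's.
    date_default_timezone_set(DbUtils::getTimeZone());
    $now = getdate();
    $serverTime = $now[0];
    $timeDiff = 0;
    if (abs($serverTime - $unixtime) > (60 * 60 * 2)) {
        $timeDiff = 1;
    }

    // NOTE(review): if a session is already active at this point these two
    // settings presumably no longer affect it - confirm.
    ini_set('session.gc_maxlifetime', 65535);
    session_set_cookie_params(65535);
    if (session_id() == '') {
        session_start();
    }
    // New session id for the authenticated session; the old one is discarded.
    session_regenerate_id(true);

    $username = $zeile["username"];
    $_SESSION['angemeldet'] = true;
    $_SESSION['userid'] = $zeile['id'];
    $_SESSION['currentuser'] = $username;
    $_SESSION['modus'] = $modus;

    $workflow = $this->getConfigItemsAsString($pdo, "workflowconfig");

    // Every right except 'right_rating'.
    $flagNames = array(
        'is_admin', 'right_waiter', 'right_kitchen', 'right_bar', 'right_supply', 'right_paydesk',
        'right_statistics', 'right_bill', 'right_products', 'right_reservation', 'right_changeprice',
        'right_customers', 'right_manager', 'right_closing', 'right_dash', 'right_timetracking',
        'right_timemanager'
    );
    $rights = array();
    foreach ($flagNames as $flagName) {
        $rights[] = $zeile[$flagName];
    }

    if (self::isOnlyRatingUser($rights, $zeile['right_rating'], 1)) {
        // A rating-only account gets nothing but the rating right.
        $_SESSION['right_rating'] = true;
        foreach ($flagNames as $flagName) {
            $_SESSION[$flagName] = false;
        }
        $_SESSION['keeptypelevel'] = false;
    } else {
        foreach ($flagNames as $flagName) {
            $_SESSION[$flagName] = ($zeile[$flagName] == 1);
        }
        if (($workflow == 2) || ($workflow == 3)) {
            // In workflow 2 and 3 these rights are withheld whatever the role says.
            $_SESSION['right_kitchen'] = false;
            $_SESSION['right_bar'] = false;
            $_SESSION['right_supply'] = false;
        }
        $_SESSION['right_rating'] = ($zeile['right_rating'] == 1);
        $_SESSION['keeptypelevel'] = ($zeile['keeptypelevel'] == 1);
    }

    $this->userrights->setSession($_SESSION['is_admin'], $_SESSION['right_waiter'], $_SESSION['right_kitchen'],
        $_SESSION['right_bar'], $_SESSION['right_supply'], $_SESSION['right_paydesk'], $_SESSION['right_statistics'],
        $_SESSION['right_bill'], $_SESSION['right_products'], $_SESSION['right_reservation'], $_SESSION['right_rating'],
        $_SESSION['right_changeprice'], $_SESSION['right_customers'], $_SESSION['right_manager'], $_SESSION['right_closing'],
        $_SESSION['right_dash'], $_SESSION['right_timetracking'], $_SESSION['right_timemanager']);

    $_SESSION["roombtnsize"] = $zeile['roombtnsize'];
    $_SESSION["tablebtnsize"] = $zeile['tablebtnsize'];
    $_SESSION["prodbtnsize"] = $zeile['prodbtnsize'];

    // Missing preferences fall back to 0 (language) and 1 (printer, table map).
    $language = $zeile['language'];
    if (is_null($language)) {
        $language = 0;
    }
    $_SESSION['language'] = intval($language);

    $receiptprinter = $zeile['receiptprinter'];
    if (is_null($receiptprinter)) {
        $receiptprinter = 1;
    }
    $_SESSION['receiptprinter'] = intval($receiptprinter);

    $preferTm = $zeile['prefertablemap'];
    if (is_null($preferTm)) {
        $preferTm = 1;
    }
    $_SESSION['prefertm'] = intval($preferTm);

    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $_SESSION['timezone'] = $this->getTimeZone($pdo);

    Logger::logcmd("admin", "authentication", "Login $username successful");
    self::clearFailedLogins($pdo, $userid);
    $loginMessage = $this->getMessage(null, 'loginmessage');
    echo json_encode(array("status" => "YES", "loginmessage" => $loginMessage, "timediff" => $timeDiff, "isadmin" => $zeile['is_admin'], "lang" => $_SESSION["language"]));
}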
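/**
 * Decide whether another login attempt is allowed for the given user.
 *
 * The failedlogins column is read as "<unix time of last failure>_<attempt count>".
 * Once 5 failures are recorded, logins are refused until more than 3 minutes
 * have passed since the last failure; the counter is then cleared.
 *
 * Side effects: sets the process default timezone and may reset the counter.
 *
 * @param PDO   $pdo    open database connection
 * @param mixed $userid id of the user row to check
 * @return bool true if the login attempt may proceed
 */
private static function checkIsLoginAllowed($pdo, $userid) {
    date_default_timezone_set(DbUtils::getTimeZone());
    // Same value as getdate()[0]: the current Unix timestamp.
    $serverTime = time();

    $sql = "SELECT failedlogins FROM %user% WHERE id=?";
    $row = CommonUtils::getRowSqlObject($pdo, $sql, array($userid));
    if (is_null($row) || is_null($row->failedlogins)) {
        // Unknown user id or no failure recorded.
        return true;
    }

    // Split once; a value without "_" counts as zero attempts instead of
    // raising an undefined-offset notice.
    $parts = explode("_", $row->failedlogins);
    $lastFailure = intval($parts[0]);
    $attempt = isset($parts[1]) ? intval($parts[1]) : 0;

    if ($attempt < 5) {
        return true;
    }

    // NOTE(review): the lock is per account and lasts 3 minutes, which bounds
    // password guessing to 5 attempts per window; there is no per-source limit
    // visible here, so the threshold is the only brake on online guessing.
    if (abs($serverTime - $lastFailure) > (60 * 3)) {
        self::clearFailedLogins($pdo, $userid);
        return true;
    }
    return false;
}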
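/**
 * Record one more failed login for the given user.
 *
 * Writes "<current unix time>_<attempt count>" into the failedlogins column,
 * starting at 1 when no failure is stored yet.
 *
 * Side effect: sets the process default timezone.
 *
 * @param PDO   $pdo    open database connection
 * @param mixed $userid id of the user row to update
 */
private static function increaseFailedLogins($pdo, $userid) {
    date_default_timezone_set(DbUtils::getTimeZone());
    // Same value as getdate()[0]: the current Unix timestamp.
    $serverTime = time();

    $sql = "SELECT failedlogins FROM %user% WHERE id=?";
    $row = CommonUtils::getRowSqlObject($pdo, $sql, array($userid));

    $attempt = 0;
    if (!is_null($row) && !is_null($row->failedlogins)) {
        // A stored value without "_" is treated as zero previous attempts.
        $parts = explode("_", $row->failedlogins);
        $attempt = isset($parts[1]) ? intval($parts[1]) : 0;
    }
    $entry = $serverTime . "_" . ($attempt + 1);

    // NOTE(review): the counter is read and written in two separate statements
    // without a transaction or row lock, so concurrent failed logins can store
    // the same count; an atomic update would make the lockout threshold exact.
    $sql = "UPDATE %user% SET failedlogins=? WHERE id=?";
    CommonUtils::execSql($pdo, $sql, array($entry, $userid));
}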
/**
 * Reset the failed-login record of a user by storing NULL in failedlogins.
 *
 * @param PDO   $pdo    open database connection
 * @param mixed $userid id of the user row to reset
 */
private static function clearFailedLogins($pdo, $userid) {
    $params = array(null, $userid);
    CommonUtils::execSql($pdo, "UPDATE %user% SET failedlogins=? WHERE id=?", $params);
}
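/**
 * Read one message text from the %work% table.
 *
 * @param PDO|null $pdo         open connection, or null to open a new one
 * @param string   $messageType value of the item column to look up
 * @return mixed the stored value, or "" when no row matches
 */
private function getMessage($pdo, $messageType) {
    if (is_null($pdo)) {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
    }
    $sql = "SELECT value FROM %work% WHERE item=?";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($messageType));
    $row = $stmt->fetchObject();

    // Test the fetched row itself: rowCount() is not guaranteed to report the
    // number of rows of a SELECT on every PDO driver.
    if (!$row) {
        return "";
    }
    return $row->value;
}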
/**
 * Echo the button sizes of the current session user as a JSON object.
 */
function getButtonSizes() {
    $sizes = self::getButtonSizesCore(DbUtils::openDbAndReturnPdoStatic());
    echo json_encode($sizes);
}
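/**
 * Load the three button-size settings of the current session user.
 *
 * @param PDO $pdo open database connection
 * @return array keys roombtnsize, tablebtnsize, prodbtnsize; NULL columns
 *               and a missing user row are reported as 0
 */
private static function getButtonSizesCore($pdo) {
    $userid = $_SESSION['userid'];
    $sql = "SELECT roombtnsize,tablebtnsize,prodbtnsize FROM %user% WHERE id=?";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($userid));
    $row = $stmt->fetchObject();

    $sizes = array();
    foreach (array("roombtnsize", "tablebtnsize", "prodbtnsize") as $column) {
        // fetchObject() yields false when the user row is gone; fall back to 0
        // instead of reading a property of a non-object.
        $sizes[$column] = ($row && !is_null($row->$column)) ? $row->$column : 0;
    }
    return $sizes;
}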
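/**
 * Echo one column of the current session user's row as JSON.
 *
 * @param string $item         column name of the %user% table
 * @param mixed  $defaultvalue value used when the column is empty or the
 *                             user row does not exist
 * @return mixed $defaultvalue when no row matched, otherwise nothing
 */
private static function getUserValue($item, $defaultvalue) {
    $userid = $_SESSION['userid'];
    // NOTE(review): $item is placed into the SQL text, not bound. Every caller
    // visible in this file passes a literal column name; it must never carry
    // request data.
    $sql = "SELECT $item AS result FROM %user% WHERE id=?";
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($userid));
    if ($stmt->rowCount() == 0) {
        // The original returned here without any output, leaving the client
        // with an empty body; answer with the default like every other path.
        echo json_encode($defaultvalue);
        return $defaultvalue;
    }
    $row = $stmt->fetchObject();
    $aVal = 0;
    if ($row != null) {
        $aVal = $row->result;
        // Loose comparison kept from the original; whether a stored 0 counts
        // as "empty" depends on the type the driver returns.
        if ($aVal == null) {
            $aVal = $defaultvalue;
        }
    }
    echo json_encode($aVal);
}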
/**
 * Echo the user's prefertablemap setting as JSON (default 1).
 */
function getPreferTableMap() {
    $column = 'prefertablemap';
    self::getUserValue($column, 1);
}
/**
 * Echo the user's preferimgdesk setting as JSON (default 0).
 */
function getPreferimgdesk() {
    $column = 'preferimgdesk';
    self::getUserValue($column, 0);
}
/**
 * Echo the user's preferimgmobile setting as JSON (default 0).
 */
function getPreferimgmobile() {
    $column = 'preferimgmobile';
    self::getUserValue($column, 0);
}
/**
 * Echo the user's showplusminus setting as JSON; the query maps NULL to 0.
 */
function getShowplusminus() {
    $value = self::getUserValueAllowNull("showplusminus");
    echo json_encode($value);
}
/**
 * Echo the user's preferfixbtns setting as JSON; the query maps NULL to 0.
 */
function getPreferfixbtns() {
    $value = self::getUserValueAllowNull("preferfixbtns");
    echo json_encode($value);
}
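/**
 * Return one column of the current session user's row, with NULL mapped to 0
 * by the query (IFNULL).
 *
 * @param string $col column name of the %user% table
 * @return mixed the column value, or null when no user row was returned
 */
public static function getUserValueAllowNull($col) {
    $userid = $_SESSION['userid'];
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    // NOTE(review): $col is placed into the SQL text, not bound, and this
    // method is public. The callers visible in this file pass literals; any
    // other caller must pass a fixed column name, never request data.
    $sql = "SELECT IFNULL($col,0) AS result FROM %user% WHERE id=?";
    $row = CommonUtils::getRowSqlObject($pdo, $sql, array($userid));
    $pdo = null;

    // Without a row (e.g. the user was deleted while the session is alive)
    // there is no object to read from; return null explicitly.
    if (!is_object($row)) {
        return null;
    }
    return $row->result;
}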
/**
 * Echo the user's keeptypelevel setting as JSON (default 1).
 */
function getKeepTypeLevel() {
    $column = 'keeptypelevel';
    self::getUserValue($column, 1);
}
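/**
 * Send the mobile order stylesheet that matches the user's theme.
 *
 * Without a session user, or when the theme is not 1, the default stylesheet
 * is sent. The file name is chosen from two fixed values only, so no request
 * data reaches the path given to readfile().
 */
function getmobilecss() {
    $cssFile = "orderstyle.min.css";
    if (isset($_SESSION['userid'])) {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $sql = "SELECT mobiletheme FROM %user% WHERE id=?";
        $themeRow = CommonUtils::getRowSqlObject($pdo, $sql, array($_SESSION['userid']));
        // Guard against a missing user row before reading the column.
        if (is_object($themeRow) && $themeRow->mobiletheme == 1) {
            $cssFile = "orderstyle-pale.min.css";
        }
    }
    header('Content-type: text/css');
    readfile("3rdparty/orderstyle/$cssFile");
}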
/**
 * Echo the user's mobiletheme setting as JSON (default 0).
 */
function getMobileTheme() {
    $column = 'mobiletheme';
    self::getUserValue($column, 0);
}
/**
 * Echo the user's extrasapplybtnpos setting as JSON (default 1).
 */
function getApplyExtrasBtnPos() {
    $column = 'extrasapplybtnpos';
    self::getUserValue($column, 1);
}
/**
 * Echo the user's tablesaftersend setting as JSON (default 1).
 */
function getTablesAfterSend() {
    $column = 'tablesaftersend';
    self::getUserValue($column, 1);
}
/**
 * Echo the user's ordervolume setting as JSON (default 0).
 */
function getOrderVolume() {
    $column = 'ordervolume';
    self::getUserValue($column, 0);
}
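/**
 * Store one column of the current session user's row and echo {"status":"OK"}.
 *
 * @param string $item     column name of the %user% table
 * @param mixed  $theValue value to store (bound as a parameter)
 * @throws Exception re-thrown after rollback when the update fails
 */
private static function setUserValue($item, $theValue) {
    $userid = $_SESSION['userid'];
    // NOTE(review): $item is placed into the SQL text, not bound. Every caller
    // visible in this file passes a literal column name; it must never carry
    // request data. $theValue and the user id are bound.
    $sql = "UPDATE %user% SET $item=? WHERE id=?";
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $pdo->beginTransaction();
    try {
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($theValue, $userid));
        $pdo->commit();
    } catch (Exception $e) {
        // Do not leave the transaction open when the statement throws.
        $pdo->rollBack();
        throw $e;
    }
    echo json_encode(array("status" => "OK"));
}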
/**
 * Store the user's ordervolume setting.
 *
 * @param mixed $volume value to store
 */
function setOrderVolume($volume) {
    $column = 'ordervolume';
    self::setUserValue($column, $volume);
}
/**
 * Store the user's prefertablemap setting.
 *
 * @param mixed $preferValue value to store
 */
function setPreferTableMap($preferValue) {
    $column = 'prefertablemap';
    self::setUserValue($column, $preferValue);
}
/**
 * Store the user's preferimgdesk setting; a value equal to 0 is stored as NULL.
 *
 * @param mixed $preferValue value to store
 */
function setPreferimgdesk($preferValue) {
    // Loose comparison kept as in the original.
    $stored = ($preferValue == 0) ? null : $preferValue;
    self::setUserValue('preferimgdesk', $stored);
}
/**
 * Store the user's preferimgmobile setting; a value equal to 0 is stored as NULL.
 *
 * @param mixed $preferValue value to store
 */
function setPreferimgmobile($preferValue) {
    // Loose comparison kept as in the original.
    $stored = ($preferValue == 0) ? null : $preferValue;
    self::setUserValue('preferimgmobile', $stored);
}
/**
 * Store the user's showplusminus setting; a value equal to 0 is stored as NULL.
 *
 * @param mixed $preferValue value to store
 */
function setShowplusminus($preferValue) {
    // Loose comparison kept as in the original.
    $stored = ($preferValue == 0) ? null : $preferValue;
    self::setUserValue('showplusminus', $stored);
}
/**
 * Store the user's preferfixbtns setting; a value equal to 0 is stored as NULL.
 *
 * @param mixed $preferValue value to store
 */
function setPreferfixbtns($preferValue) {
    // Loose comparison kept as in the original.
    $stored = ($preferValue == 0) ? null : $preferValue;
    self::setUserValue('preferfixbtns', $stored);
}
/**
 * Store the user's keeptypelevel setting.
 *
 * @param mixed $preferValue value to store
 */
function setKeepTypeLevel($preferValue) {
    $column = 'keeptypelevel';
    self::setUserValue($column, $preferValue);
}
/**
 * Store the user's mobiletheme setting.
 *
 * @param mixed $preferValue value to store
 */
function setMobileTheme($preferValue) {
    $column = 'mobiletheme';
    self::setUserValue($column, $preferValue);
}
/**
 * Store the user's extrasapplybtnpos setting.
 *
 * @param mixed $preferValue value to store
 */
function setExtrasApplyBtnPos($preferValue) {
    $column = 'extrasapplybtnpos';
    self::setUserValue($column, $preferValue);
}
/**
 * Store the user's tablesaftersend setting; a value equal to 1 is stored as NULL.
 *
 * @param mixed $preferValue value to store
 */
function setTablesAfterSend($preferValue) {
    // Loose comparison kept as in the original.
    $stored = ($preferValue == 1) ? null : $preferValue;
    self::setUserValue('tablesaftersend', $stored);
}
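/**
 * Remember the view the current user last opened and echo a JSON status.
 *
 * A query string is cut off before storing. "logout.php" is never stored.
 * The stored name is later re-checked against the user's rights by
 * getViewAfterLogin() before it is handed back to the client.
 *
 * @param string $view view name, optionally followed by "?..."
 */
function setLastModuleOfUser($view) {
    if (!$this->isUserAlreadyLoggedInForPhp()) {
        echo json_encode(array("status" => "Error", "msg" => "Benutzer nicht eingeloggt"));
        return;
    }

    if ($view != "logout.php") {
        $userid = $_SESSION['userid'];
        // strpos() returns 0 for a leading "?", which "!= false" treated as
        // "not found"; compare strictly so that case is stripped as well.
        $questPos = strpos($view, '?');
        if ($questPos !== false) {
            $view = substr($view, 0, $questPos);
        }
        $sql = "UPDATE %user% SET lastmodule=? WHERE id=? AND active='1'";
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($view, $userid));
    }
    echo json_encode(array("status" => "OK"));
}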
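/**
 * Read one setting from the %config% table as a string-like value.
 *
 * @param PDO|null $pdo open database connection; null yields ""
 * @param string   $key value of the name column to look up
 * @return mixed the stored setting, or "" when $pdo is null, no row matches
 *               or the setting is NULL
 */
public function getConfigItemsAsString($pdo, $key) {
    if (is_null($pdo)) {
        return "";
    }
    $sql = "SELECT setting FROM %config% WHERE name=?";
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($key));
    $row = $stmt->fetchObject();

    // Test the fetched row itself: rowCount() is not guaranteed to report the
    // number of rows of a SELECT on every PDO driver.
    if (!$row || is_null($row->setting)) {
        return "";
    }
    return $row->setting;
}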
/**
 * Force a timezone for this class and for DbUtils, bypassing the configured
 * value that getTimeZone() would otherwise read.
 *
 * @param string $timezone timezone identifier to use from now on
 */
public static function overruleTimeZone($timezone) {
    self::$timezone = $timezone;
    DbUtils::overruleTimeZone($timezone);
}
/**
 * Return the timezone to use: the overruled value if one was set, else the
 * configured "timezone" setting, else "Europe/Berlin".
 *
 * @param PDO|null $pdo connection used to read the configuration
 * @return string timezone identifier
 */
public function getTimeZone($pdo) {
    if (!is_null(self::$timezone)) {
        return self::$timezone;
    }
    $configured = $this->getConfigItemsAsString($pdo, "timezone");
    return ($configured == "") ? "Europe/Berlin" : $configured;
}
/**
 * Return version and installation dates from the configuration.
 *
 * @param PDO|null $pdo connection used to read the configuration
 * @return array keys version, installdate, lastupdate
 */
public function getEnv($pdo) {
    $values = array();
    // Read in the same order as before; the result keys are ordered below.
    foreach (array("installdate", "lastupdate", "version") as $name) {
        $values[$name] = $this->getConfigItemsAsString($pdo, $name);
    }
    return array(
        "version" => $values["version"],
        "installdate" => $values["installdate"],
        "lastupdate" => $values["lastupdate"]
    );
}
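/**
 * Echo the settings the waiter view needs as one JSON object.
 *
 * Without a logged-in user only {"isUserLoggedIn":0} is sent. Otherwise the
 * response holds a subset of the %config% table, the user's rights and
 * preferences (joined with the role), the button sizes and the menu items.
 */
private function getWaiterSettings() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    if (!$this->isUserAlreadyLoggedInForPhp()) {
        echo json_encode(array("isUserLoggedIn" => 0));
        return;
    }

    // NOTE(review): 'cancelunpaidcode' and 'dailycode' go to every logged-in
    // client. If these codes are meant to authorise an action, checking them
    // on the server instead of shipping them would be safer. Confirm intent.
    $configNames = array(
        'decpoint', 'version', 'cancelunpaidcode', 'tax', 'togotax',
        'taxaustrianormal', 'taxaustriaerm1', 'taxaustriaerm2', 'taxaustriaspecial',
        'currency', 'workflowconfig', 'prominentsearch',
        'discount1', 'discount2', 'discount3',
        'discountname1', 'discountname2', 'discountname3',
        'waitergopayprint', 'cashenabled', 'returntoorder', 'restaurantmode',
        'startprodsearch', 'priceinlist', 'showdaycode', 'dailycode'
    );
    // Bind the names instead of pasting a quoted list into the SQL text.
    $placeholders = implode(",", array_fill(0, count($configNames), "?"));
    $sql = "select name,setting FROM %config% WHERE name in ($placeholders)";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute($configNames);
    $configresult = array();
    foreach ($stmt->fetchAll() as $item) {
        $configresult[$item["name"]] = $item["setting"];
    }

    $sql = "SELECT language,right_supply,right_changeprice,keeptypelevel,extrasapplybtnpos,right_paydesk,IFNULL(preferimgdesk,0) as preferimgdesk,IFNULL(preferimgmobile,0) as preferimgmobile,IFNULL(showplusminus,0) as showplusminus,IFNULL(preferfixbtns,0) as preferfixbtns,IFNULL(tablesaftersend,1) as tablesaftersend FROM %user%,%roles% WHERE %user%.id=? AND %user%.roleid=%roles%.id";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($_SESSION['userid']));
    // NOTE(review): $row is false when the user has no matching role row; the
    // property reads below then yield null values. Left as in the original.
    $row = $stmt->fetchObject();

    $buttonSizes = self::getButtonSizesCore($pdo);
    $jsonMenuItems = $this->getJsonMenuItemsAndVersionCore($pdo);

    $retVal = array(
        "config" => $configresult,
        "rightchangeprice" => $row->right_changeprice,
        "rightpaydesk" => $row->right_paydesk,
        "supplyright" => $row->right_supply,
        "userlanguage" => $row->language,
        "buttonsizes" => $buttonSizes,
        "keeptypelevel" => $row->keeptypelevel,
        "extrasapplybtnpos" => $row->extrasapplybtnpos,
        "tablesaftersend" => $row->tablesaftersend,
        "isUserLoggedIn" => 1,
        "jsonMenuItemsAndVersion" => $jsonMenuItems,
        "preferimgdesk" => $row->preferimgdesk,
        "preferimgmobile" => $row->preferimgmobile,
        "showplusminus" => $row->showplusminus,
        "preferfixbtns" => $row->preferfixbtns
    );
    echo json_encode($retVal);
}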
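/**
 * Collect the general configuration as one associative array.
 *
 * With $forHtml set, the result is echoed as {"status":"OK","msg":...} and a
 * logged-in user is required; otherwise an error object is echoed. Without
 * $forHtml the array is returned and no login is required.
 *
 * The smtp* values are read only for sessions with is_admin == 1 or a truthy
 * right_manager; other callers get their defaults.
 *
 * NOTE(review): only the smtp* values are withheld. ftppass, aeskey,
 * certificatesn and the cancel/guest/daily codes are part of the response for
 * every caller that gets this far, including any logged-in user on the
 * $forHtml path. Confirm whether they should be gated like the smtp* values.
 *
 * @param bool     $forHtml echo a JSON response instead of returning the array
 * @param PDO|null $pdo     open connection, or null to open one
 * @return array|null the configuration when $forHtml is false, else null
 */
public function getGeneralConfigItems($forHtml, $pdo) {
    $userLoggedIn = $this->isUserAlreadyLoggedInForPhp();
    if (!$userLoggedIn && $forHtml) {
        // The only case the original rejected; its "return null" branch for
        // !$forHtml could never be reached and is dropped.
        echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
        return;
    }
    if (is_null($pdo)) {
        $pdo = $this->dbutils->openDbAndReturnPdo();
    }

    // Response keys in output order, each with the default passed to
    // getConfigValueStmt(). Keys listed in $computedKeys are not read from
    // the config table; their null here only reserves the position.
    $layout = array(
        "companyinfo" => null, "rectemplate" => null, "foodtemplate" => null,
        "drinktemplate" => null, "canceltemplate" => null,
        "version" => null, "decpoint" => null,
        "serverurl" => null, "guesturl" => null, "guestcode" => null, "dailycode" => null,
        "email" => null, "receiveremail" => "", "billlanguage" => null,
        "hotelinterface" => 0, "hsinfile" => null, "hsoutfile" => null, "hscurrency" => null,
        "payprinttype" => null, "tax" => null, "togotax" => null, "currency" => null,
        "taxaustrianormal" => null, "taxaustriaerm1" => null,
        "taxaustriaerm2" => null, "taxaustriaspecial" => null,
        "userlanguage" => null, "receiptprinter" => null,
        "receiptfontsize" => null, "reservationnote" => null, "paymentconfig" => 0,
        "workflowconfig" => 0, "emailratingcontact" => "", "emailbadrating" => "",
        "guestjobprint" => null,
        "askdaycode" => null, "asktablecode" => null, "guesttimeout" => 5, "showdaycode" => null,
        "rightchangeprice" => null, "bigfontworkreceipt" => null, "prominentsearch" => null,
        "groupworkitemsf" => 1, "groupworkitemsd" => 1,
        "sday" => null, "smonth" => null, "syear" => null, "shour" => null, "smin" => null,
        "smtphost" => "", "smtpauth" => 1, "smtpuser" => "", "smtppass" => "",
        "smtpsecure" => 1, "smtpport" => "",
        "webimpressum" => "", "cancelunpaidcode" => null, "cancelguestcode" => null,
        "discount1" => null, "discount2" => null, "discount3" => null,
        "austria" => null, "digigopaysetready" => 1, "waitergopayprint" => 0,
        "oneprodworkrecf" => 0, "oneprodworkrecd" => 0,
        "digiprintwork" => 1, "memorylimit" => 256, "updateurl" => "", "tmpdir" => "",
        "hs3refresh" => 60,
        "minbeforecome" => 0, "minaftergo" => 0,
        "paydeskid" => "", "aeskey" => "", "certificatesn" => "", "rksvserver" => "",
        "addreceipttoprinter" => "",
        "printandqueuejobs" => 0, "cashenabled" => 1, "returntoorder" => 1,
        "beepcooked" => 0, "beepordered" => 0, "restaurantmode" => 1,
        "discountname1" => "", "discountname2" => "", "discountname3" => "",
        "dblog" => 1, "startprodsearch" => 3,
        "closshowci" => 1, "closshowpaytaxes" => 1, "closshowprods" => 1,
        "hosttext" => null, "forceprint" => 0, "printextras" => 0,
        "showpayment2" => 1, "showpayment3" => 1, "showpayment4" => 1, "showpayment5" => 1,
        "showpayment6" => 1, "showpayment7" => 1, "showpayment8" => 1,
        "dashslot1" => 1, "dashslot2" => 2, "dashslot3" => 3,
        "priceinlist" => 0,
        "defaulttmp" => null,
        "ftphost" => "", "ftpuser" => "", "ftppass" => ""
    );
    $computedKeys = array("userlanguage", "receiptprinter", "rightchangeprice",
        "sday", "smonth", "syear", "shour", "smin", "defaulttmp");
    $smtpKeys = array("smtphost", "smtpauth", "smtpuser", "smtppass", "smtpsecure", "smtpport");
    $trimmedKeys = array("discountname1", "discountname2", "discountname3");

    $maySeeSmtp = (isset($_SESSION['is_admin']) && ($_SESSION['is_admin'] == 1))
        || (isset($_SESSION['right_manager']) && ($_SESSION['right_manager']));

    $sql = "SELECT count(id) as countid FROM %config% WHERE name=?";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));

    $retVal = array();
    foreach ($layout as $name => $default) {
        if (in_array($name, $computedKeys, true)) {
            $retVal[$name] = null; // filled in below, position is kept
        } else if (in_array($name, $smtpKeys, true) && !$maySeeSmtp) {
            $retVal[$name] = $default; // not read for unprivileged sessions
        } else {
            $value = CommonUtils::getConfigValueStmt($pdo, $stmt, $name, $default);
            $retVal[$name] = in_array($name, $trimmedKeys, true) ? trim($value) : $value;
        }
    }

    // Session-derived values; the defaults are of no interest if not called from web.
    $retVal["userlanguage"] = $userLoggedIn ? $_SESSION["language"] : 0;
    $retVal["receiptprinter"] = $userLoggedIn ? $_SESSION['receiptprinter'] : 1;
    $retVal["rightchangeprice"] = ($userLoggedIn && $_SESSION['right_changeprice']) ? 1 : 0;

    $retVal["defaulttmp"] = sys_get_temp_dir();

    // Server time in the configured timezone.
    date_default_timezone_set(DbUtils::getTimeZone());
    $now = getdate();
    $retVal["sday"] = $now["mday"];
    $retVal["smonth"] = $now["mon"];
    $retVal["syear"] = $now["year"];
    $retVal["shour"] = $now["hours"];
    $retVal["smin"] = $now["minutes"];

    if ($forHtml) {
        echo json_encode(array("status" => "OK", "msg" => $retVal));
        return;
    }
    return $retVal;
}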
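/**
 * Echo, as a JSON string, the view the client should open after login.
 *
 * The user's stored lastmodule is used only if the session holds the right
 * that belongs to that view; anything else, including names that are not in
 * the mapping, falls back to "preferences.html". Users who only have the
 * rating right are sent to "rating.html". Nothing is sent when no user is
 * logged in.
 */
function getViewAfterLogin() {
    if (!$this->isUserAlreadyLoggedInForPhp()) {
        return;
    }

    $userid = $_SESSION['userid'];
    $modus = $_SESSION['modus'];
    $rights = array($_SESSION['is_admin'], $_SESSION['right_waiter'], $_SESSION['right_kitchen'],
        $_SESSION['right_bar'], $_SESSION['right_supply'], $_SESSION['right_paydesk'],
        $_SESSION['right_statistics'], $_SESSION['right_bill'], $_SESSION['right_products'],
        $_SESSION['right_reservation'], $_SESSION['right_changeprice'], $_SESSION['right_customers'],
        $_SESSION['right_manager'], $_SESSION['right_closing'], $_SESSION['right_dash']);
    $right_rating = $_SESSION['right_rating'];
    if (self::isOnlyRatingUser($rights, $right_rating, true)) {
        echo json_encode("rating.html");
        return;
    }

    $sql = "SELECT lastmodule FROM %user% WHERE id=? AND active='1'";
    $pdo = $this->dbutils->openDbAndReturnPdo();
    $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt->execute(array($userid));
    $row = $stmt->fetchObject();

    $view = "preferences.html";
    if ($row != null) {
        $newView = $row->lastmodule;
        if ($newView != null) {
            $view = $newView;
            // Translate between the desktop and the classic waiter views
            // depending on the session's modus.
            if ($modus == 1) {
                if (($view == "waiter.html") || ($view == "paydesk.html")) {
                    $view = "waiterdesktop.php";
                }
            } else if ($view == "waiterdesktop.php") {
                $view = "waiter.html";
            }
        }
    }

    // View name => session right required to open it.
    $mapping = array(
        "waiter.html" => 'right_waiter',
        "kitchen.html" => 'right_kitchen',
        "bar.html" => 'right_bar',
        "supplydesk.html" => 'right_supply',
        "paydesk.html" => 'right_paydesk',
        "reports.html" => 'right_statistics',
        "bill.html" => 'right_bill',
        "products.html" => 'right_products',
        "reservation.html" => 'right_reservation',
        "rating.html" => 'right_rating',
        "customers.html" => 'right_customers',
        "waiterdesktop.php" => 'right_waiter',
        "dash.php" => 'right_dash',
        "timetracking.html" => 'right_timetracking'
    );

    $valid = false;
    if (in_array($view, array('preferences.html', 'feedback.html', 'help.php'), true)) {
        $valid = true;
    } else if ($view == 'manager.html') {
        $valid = ($_SESSION['is_admin'] || $_SESSION['right_manager'] || $_SESSION['right_closing']) ? true : false;
    } else if ($view == "index.html") {
        $valid = true;
    } else if (isset($mapping[$view])) {
        // The stored name is looked up only if it is a known view; the
        // original indexed $mapping and $_SESSION with any stored string and
        // relied on the resulting undefined-index notices evaluating to false.
        $valid = !empty($_SESSION[$mapping[$view]]);
    }
    if (!$valid) {
        $view = "preferences.html";
    }

    echo json_encode($view . "?v=1.5.0");
}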
/**
 * Echoes the JSON-encoded YES constant when the session user holds the
 * 'is_admin' flag, otherwise the JSON-encoded NO constant.
 *
 * The answer is only a hint for the client; it does not by itself protect
 * any admin command.
 */
function isLoggedinUserAdmin() {
    $answer = $this->isCurrentUserAdmin() ? YES : NO;
    echo json_encode($answer);
}
// public static function startsWith($txt,$key) {
// $ret = (substr($txt, 0, strlen($key)) === $key);
// return (substr($txt, 0, strlen($key)) === $key);
// }
/**
 * Echoes, JSON-encoded, the first matching role label of the session user:
 * "admin", then "manager", then "closing". Echoes the NO constant when the
 * user holds none of the three rights.
 */
function isLoggedinUserAdminOrManagerOrTE() {
    // Checked in this order; the first right that is set decides the answer.
    $labelByRight = array(
        'is_admin' => "admin",
        'right_manager' => "manager",
        'right_closing' => "closing"
    );
    foreach ($labelByRight as $right => $label) {
        if ($this->hasCurrentUserRight($right)) {
            echo json_encode($label);
            return;
        }
    }
    echo json_encode(NO);
}
/**
 * Echoes JSON-encoded YES if the session user has the 'right_kitchen' flag,
 * otherwise JSON-encoded NO.
 */
function isLoggedinUserKitchen() {
    $allowed = $this->hasCurrentUserRight('right_kitchen');
    echo json_encode($allowed ? YES : NO);
}
/**
 * Echoes JSON-encoded YES if the session user has the 'right_bar' flag,
 * otherwise JSON-encoded NO.
 */
function isLoggedinUserBar() {
    $allowed = $this->hasCurrentUserRight('right_bar');
    echo json_encode($allowed ? YES : NO);
}
/**
 * Echoes JSON-encoded YES if the session user has the 'right_paydesk' flag,
 * otherwise JSON-encoded NO.
 */
function hasUserPaydeskRight() {
    $allowed = $this->hasCurrentUserRight('right_paydesk');
    echo json_encode($allowed ? YES : NO);
}
/**
 * Echoes JSON-encoded YES if the session user has the 'right_reservation'
 * flag, otherwise JSON-encoded NO.
 */
function hasUserReservationRight() {
    $allowed = $this->hasCurrentUserRight('right_reservation');
    echo json_encode($allowed ? YES : NO);
}
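/**
 * Looks up one right flag of the logged-in user in the session.
 *
 * Starts the session if none is active. Returns false when the session is
 * not marked as logged in ('angemeldet') or when the requested flag is not
 * present in the session at all, so that an unknown or misspelled right
 * name fails closed instead of raising an undefined-index notice.
 *
 * @param string $whichRight session key of the right, e.g. 'is_admin' or 'right_bar'
 * @return mixed the stored flag value, or false if not logged in / not set
 */
function hasCurrentUserRight($whichRight) {
    if (session_id() == '') {
        session_start();
    }
    // empty() covers both "key missing" and "falsy value" for the login marker.
    if (empty($_SESSION['angemeldet'])) {
        return false;
    }
    if (!isset($_SESSION[$whichRight])) {
        return false;
    }
    return $_SESSION[$whichRight];
}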
/**
 * Returns the session user's 'is_admin' flag as reported by
 * hasCurrentUserRight().
 */
function isCurrentUserAdmin() {
    $adminFlag = $this->hasCurrentUserRight('is_admin');
    return $adminFlag;
}
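/**
 * Executes every line of a text file as one SQL statement.
 *
 * Each line is passed through DbUtils::substTableAlias() and executed
 * verbatim, so $sqlFile must always be a trusted file shipped with the
 * application and never a path or content that a request can influence.
 *
 * Compared with a plain feof() loop this version refuses to continue when
 * the file cannot be opened, stops cleanly at end of file instead of
 * executing the false returned by the last fgets(), skips blank lines and
 * closes the handle even when a statement fails.
 *
 * @param PDO    $pdo     open database connection
 * @param string $sqlFile path of the file holding one statement per line
 * @throws Exception if the file cannot be opened, or rethrown from PDO
 */
function fillSampleContentBySqlFile($pdo, $sqlFile) {
    $handle = fopen($sqlFile, "r");
    if ($handle === false) {
        throw new Exception("Cannot open SQL file: $sqlFile");
    }
    try {
        while (($sql = fgets($handle)) !== false) {
            if (trim($sql) === '') {
                continue;
            }
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
            $stmt->execute();
        }
    } catch (Exception $e) {
        fclose($handle);
        throw $e;
    }
    fclose($handle);
}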
/**
 * Sets the 'taxaustria' value of all non-removed products, one value for
 * product types of kind 0 and one for kind 1, inside a single transaction,
 * then refreshes the product history.
 *
 * Echoes {"status":"OK"} on success. Any exception rolls the transaction
 * back and is reported to the client as NUMBERFORMAT_ERROR.
 *
 * @param mixed $foodTax   tax value written for product types with kind = 0
 * @param mixed $drinksTax tax value written for product types with kind = 1
 */
private function assignTaxes($foodTax, $drinksTax) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $pdo->beginTransaction();
    try {
        $updateSql = "UPDATE %products%,%prodtype% SET %products%.taxaustria=? WHERE %products%.category=%prodtype%.id AND %prodtype%.kind=? AND %products%.removed is null AND %prodtype%.removed is null";
        $update = $pdo->prepare(DbUtils::substTableAlias($updateSql));

        // Same prepared statement, run once per product kind.
        $taxByKind = array(0 => $foodTax, 1 => $drinksTax);
        foreach ($taxByKind as $kind => $tax) {
            $update->execute(array($tax, $kind));
        }

        HistFiller::readAllProdsAndFillHistByDb($pdo);
        $pdo->commit();
        echo json_encode(array("status" => "OK"));
    } catch (Exception $e) {
        $pdo->rollBack();
        echo json_encode(array("status" => "ERROR", "code" => NUMBERFORMAT_ERROR, "msg" => NUMBERFORMAT_ERROR_MSG));
    }
}
/**
 * Imports a menu ("Speisekarte") inside one transaction and echoes the
 * result of fillSpeisekarteCore() as JSON.
 *
 * The transaction is committed only when the result status is "OK";
 * any other status rolls it back.
 *
 * @param mixed $speisekarte menu content handed on to fillSpeisekarteCore()
 */
private function fillSpeisekarte($speisekarte) {
    $pdo = $this->dbutils->openDbAndReturnPdo();
    $pdo->beginTransaction();

    $result = $this->fillSpeisekarteCore($pdo, $speisekarte);
    if ($result["status"] == "OK") {
        $pdo->commit();
    } else {
        $pdo->rollBack();
    }

    echo json_encode($result);
}
/**
 * Replaces the menu: empties the %extrasprods% table, lets
 * TypeAndProductFileManager process the given menu, optionally cleans the
 * product image table and re-sorts the product types.
 *
 * No transaction is opened here; the caller decides about commit/rollback.
 *
 * @param PDO   $pdo               open database connection
 * @param mixed $speisekarte       menu content passed to manageSpeisekarte()
 * @param bool  $doCleanProdImages whether Products::cleanProdImagesTable() is run
 * @return mixed the value returned by manageSpeisekarte()
 */
public function fillSpeisekarteCore($pdo, $speisekarte, $doCleanProdImages = true) {
    $clearExtras = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString("DELETE FROM %extrasprods%"));
    $clearExtras->execute();

    $menuManager = new TypeAndProductFileManager();
    $result = $menuManager->manageSpeisekarte($pdo, $speisekarte);

    if ($doCleanProdImages) {
        Products::cleanProdImagesTable($pdo);
    }

    $baseDb = new Basedb();
    $baseDb->sortProdTypes($pdo);

    return $result;
}
/**
 * Resets the installation to sample data: clears the queue, selected
 * history entries (actions 3, 7 and 8), the user history and ALL users,
 * then loads the queue and user sample files and rebuilds the user history.
 *
 * NOTE(review): this deletes every account and replaces it with whatever
 * samples/usercontent.txt contains; presumably those are well-known demo
 * accounts, so confirm this path is not reachable on a productive system.
 */
private function fillSampleContent()
{
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    // Executed strictly in this order: "sql" runs one statement, "file" loads a sample file.
    $steps = array(
        array("sql", "DELETE FROM `%queue%`"),
        array("file", "samples/queuecontent.txt"),
        array("sql", "DELETE FROM `%hist%` WHERE action='3' OR action='7' OR action='8'"),
        array("sql", "DELETE FROM `%histuser%`"),
        array("sql", "DELETE FROM `%user%`"),
        array("file", "samples/usercontent.txt")
    );

    foreach ($steps as $step) {
        list($kind, $argument) = $step;
        if ($kind == "sql") {
            $stmt = $pdo->prepare(DbUtils::substTableAlias($argument));
            $stmt->execute();
        } else {
            $this->fillSampleContentBySqlFile($pdo, $argument);
        }
    }

    $this->histfiller->readUserTableAndSendToHist($pdo);
}
/**
 * Echoes the main menu, version and user information produced by
 * getJsonMenuItemsAndVersionCore() as JSON.
 */
function getJsonMenuItemsAndVersion() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $menuAndVersion = $this->getJsonMenuItemsAndVersionCore($pdo);
    echo json_encode($menuAndVersion);
}
/*
* Return all the entries for the main menu ( the modules )
*/
private function getJsonMenuItemsAndVersionCore($pdo) {
    // Builds the list of module links that the session user may see, together with the
    // installed version, the user name, the waiter message and a logged-in flag (1/0).
    // The menu only controls what is offered in the UI; it is not an access check for
    // the linked pages or commands.
    if (session_id() == '') {
        session_start();
    }

    $menu = array();
    $userName = "";
    $messageForWaiters = "";
    $isLoggedIn = isset($_SESSION['angemeldet']) && $_SESSION['angemeldet'];

    if (!$isLoggedIn) {
        $menu[] = array("name" => "Startseite", "link" => "index.html");
    } else {
        // Index into the translation triples below (German, English, Spanish).
        $lang = $_SESSION['language'];
        $versionSuffix = "?v=1.5.0";

        $waiterdesktxt = array("Kellneransicht", "Waiter's View", "Vista de camareros");
        $kitchentxt = array("Küche", "Kitchen", "Cocina");
        $timetrackingtxt = array("Zeiterfassung", "Time tracking", "Tiempos");
        $waitertxt = array("Bestellung", "Orderdesk", "Camarero");
        $paydesktxt = array("Kasse", "Paydesk", "Caja");
        $settingtxt = array("Einstellungen", "Preferences", "Propriedades");
        $admintxt = array("Verwaltung", "Administration", "Administrar");
        $supplytxt = array("Bereitstellung", "Supply desk", "Preparado");
        $prodtxt = array("Angebot", "Products", "Productos");
        $restxt = array("Reservierung", "Reservation", "Reserva");
        $bontxt = array("Kassenbons", "Receipts", "Tiques");
        $stattxt = array("Statistik", "Statistics", "Estadisticas");
        $ratingtxt = array("Bewertung", "Rating", "Valoración");
        $customerstxt = array("Gäste", "Guests", "Clientes");
        $dashtxt = array("Dashboard", "Dashboard", "Dashboard");
        $logout = array("Abmelden", "Log out", "Adios");

        $rights = array(
            $_SESSION['is_admin'], $_SESSION['right_waiter'], $_SESSION['right_kitchen'],
            $_SESSION['right_bar'], $_SESSION['right_supply'], $_SESSION['right_paydesk'],
            $_SESSION['right_statistics'], $_SESSION['right_bill'], $_SESSION['right_products'],
            $_SESSION['right_reservation'], $_SESSION['right_changeprice'], $_SESSION['right_customers'],
            $_SESSION['right_manager'], $_SESSION['right_closing'], $_SESSION['right_dash'],
            $_SESSION['right_timetracking'], $_SESSION['right_timemanager']
        );
        $right_rating = $_SESSION['right_rating'];

        if (!self::isOnlyRatingUser($rights, $right_rating, true)) {
            // modus 0 offers waiter.html and paydesk.html; any other modus offers waiterdesktop.php.
            $classicMode = ($_SESSION['modus'] == 0);

            // Each candidate: visibility condition, label (translation triple or fixed text), page.
            $candidates = array(
                array($classicMode && $_SESSION['right_waiter'], $waitertxt, "waiter.html"),
                array(!$classicMode && $_SESSION['right_waiter'], $waiterdesktxt, "waiterdesktop.php"),
                array($_SESSION['right_kitchen'], $kitchentxt, "kitchen.html"),
                array($_SESSION['right_bar'], "Bar", "bar.html"),
                array($_SESSION['right_supply'], $supplytxt, "supplydesk.html"),
                array($classicMode && $_SESSION['right_paydesk'], $paydesktxt, "paydesk.html"),
                array($_SESSION['right_statistics'], $stattxt, "reports.html"),
                array($_SESSION['right_bill'], $bontxt, "bill.html"),
                array($_SESSION['right_products'], $prodtxt, "products.html"),
                array($_SESSION['right_reservation'], $restxt, "reservation.html"),
                array($_SESSION['right_rating'], $ratingtxt, "rating.html"),
                array($_SESSION['right_customers'], $customerstxt, "customers.html"),
                array($_SESSION['right_dash'], $dashtxt, "dash.php"),
                array($_SESSION['right_manager'] || $_SESSION['is_admin'] || $_SESSION['right_closing'], $admintxt, "manager.html"),
                array(true, $settingtxt, "preferences.html"),
                array($_SESSION['right_timetracking'] || $_SESSION['right_timemanager'], $timetrackingtxt, "timetracking.html"),
                array(true, "Hilfe", "help.php"),
                array(true, "Feedback", "feedback.html")
            );

            foreach ($candidates as $candidate) {
                list($visible, $label, $page) = $candidate;
                if ($visible) {
                    $name = is_array($label) ? $label[$lang] : $label;
                    $menu[] = array("name" => $name, "link" => $page . $versionSuffix);
                }
            }
        }

        // Logout is offered to every logged-in user, also to rating-only users.
        $menu[] = array("name" => $logout[$lang], "link" => "logout.php");
        $userName = $_SESSION['currentuser'];
        $messageForWaiters = $this->getMessage(null, "waitermessage");
    }

    $installedVersion = CommonUtils::getConfigValue($pdo, 'version', '?');
    return array(
        "version" => "OrderSprinter $installedVersion",
        "user" => $userName,
        "menu" => $menu,
        "waitermessage" => $messageForWaiters,
        "loggedin" => ($isLoggedIn ? 1 : 0)
    );
}
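/**
 * Echoes the configured printer instance of every print job type
 * (k1..k6, d1, d2, f1, f2) as {"status":"OK","msg":{...}}.
 * Each value defaults to 1 when the config entry is missing.
 *
 * On failure an ERROR status with the exception message is echoed. The
 * catch block now reads the variable it actually catches; before, it
 * interpolated an undefined variable and so lost the error text.
 */
private function getPrinterInstances() {
    try {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $instances = array();
        // Order of the keys in the JSON answer.
        foreach (array("k1", "k2", "k3", "k4", "k5", "k6", "d1", "d2", "f1", "f2") as $job) {
            $instances[$job] = CommonUtils::getConfigValue($pdo, $job . 'prinstance', 1);
        }
        echo json_encode(array("status" => "OK", "msg" => $instances));
    } catch (Exception $ex) {
        // Only the message is returned, not the whole exception with its stack trace.
        echo json_encode(array("status" => "ERROR", "msg" => "Error: " . $ex->getMessage()));
        return;
    }
}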
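/**
 * Stores the printer instance of every print job type in the %config%
 * table and echoes {"status":"OK"}.
 *
 * A failure is now reported as an ERROR status instead of being swallowed
 * by an empty catch block, which left the client without any answer. The
 * updates are not wrapped in a transaction, so a failure part-way through
 * leaves the earlier values changed.
 *
 * NOTE(review): the values are stored as received; confirm the caller
 * restricts them to valid instance numbers.
 */
private function setprinterinstances($k1, $k2, $k3, $k4, $k5, $k6, $f1, $f2, $d1, $d2) {
    try {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $sql = "UPDATE %config% SET setting=? WHERE name=?";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));

        $settings = array(
            "k1prinstance" => $k1,
            "k2prinstance" => $k2,
            "k3prinstance" => $k3,
            "k4prinstance" => $k4,
            "k5prinstance" => $k5,
            "k6prinstance" => $k6,
            "f1prinstance" => $f1,
            "f2prinstance" => $f2,
            "d1prinstance" => $d1,
            "d2prinstance" => $d2
        );
        foreach ($settings as $name => $value) {
            $stmt->execute(array($value, $name));
        }
        echo json_encode(array("status" => "OK"));
    } catch (Exception $ex) {
        echo json_encode(array("status" => "ERROR", "msg" => "Error: " . $ex->getMessage()));
    }
}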
/**
 * Echoes the statistics returned by Reports::getStatsCore() as
 * {"status":"OK","msg":{"stat":...}}, or an ERROR status carrying the
 * exception message.
 */
private function getdashreports() {
    try {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $reportGenerator = new Reports();
        $payload = array("stat" => $reportGenerator->getStatsCore($pdo, true));
        echo json_encode(array("status" => "OK", "msg" => $payload));
    } catch (Exception $ex) {
        $errorText = "Error: " . $ex->getMessage();
        echo json_encode(array("status" => "ERROR", "msg" => $errorText));
        return;
    }
}
/**
 * Echoes the 'dailycode' config value (empty string if unset) as
 * {"status":"OK","msg":...}, or an ERROR status with the exception message.
 *
 * NOTE(review): the value looks like an access code; confirm that the
 * command dispatcher restricts who may call this.
 */
private function getDailycode() {
    try {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $code = CommonUtils::getConfigValue($pdo, 'dailycode', "");
        echo json_encode(array("status" => "OK", "msg" => $code));
    } catch (Exception $ex) {
        $errorText = "Error: " . $ex->getMessage();
        echo json_encode(array("status" => "ERROR", "msg" => $errorText));
        return;
    }
}
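/**
 * Echoes the size of every application table (names starting with
 * TAB_PREFIX in schema MYSQL_DB) and the largest of these sizes as
 * {"status":"OK","msg":{"max":...,"tablesizes":[...]}}.
 *
 * The column alias is 'tablesizeinmb', but the expression divides
 * data_length + index_length by 1024 only once.
 *
 * On failure only the exception message is returned. Interpolating the
 * exception object itself would send its string form, including the stack
 * trace with server paths, to the client.
 */
private function getDbStat() {
    try {
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $sql = "SELECT table_name, round(sum( data_length + index_length ) / 1024) as tablesizeinmb FROM information_schema.TABLES ";
        $sql .= " WHERE table_schema=? AND table_name like ? group by table_name order by table_name";
        $result = CommonUtils::fetchSqlAll($pdo, $sql, array(MYSQL_DB, TAB_PREFIX . "%"));

        // Start from 0 so that an empty result still yields a defined maximum.
        $sizes = array(0);
        foreach ($result as $aTableResult) {
            $sizes[] = intval($aTableResult["tablesizeinmb"]);
        }
        $max = max($sizes);

        echo json_encode(array("status" => "OK", "msg" => array("max" => $max, "tablesizes" => $result)));
    } catch (Exception $e) {
        echo json_encode(array("status" => "ERROR", "msg" => "Error: " . $e->getMessage()));
        return;
    }
}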
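/**
 * Echoes the current waiter message as {"status":"OK","msg":...}.
 *
 * On failure only the exception message is returned. Interpolating the
 * exception object itself would send its string form, including the stack
 * trace with server paths, to the client.
 */
private function getWaiterMessage() {
    try {
        // The connection is not used below; opening it is kept so that an
        // unreachable database is still reported through the catch block.
        $pdo = DbUtils::openDbAndReturnPdoStatic();
        $waiterMessage = $this->getMessage(null, "waitermessage");
        echo json_encode(array("status" => "OK", "msg" => $waiterMessage));
    } catch (Exception $e) {
        echo json_encode(array("status" => "ERROR", "msg" => "Error: " . $e->getMessage()));
        return;
    }
}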
/**
 * Returns the hotel interface setting and, when it equals 1, the guests
 * found in the %hsout% table.
 *
 * @param PDO $pdo open database connection
 * @return array status "OK" with 'hotelinterface' and 'guests'; on any
 *               exception status "ERROR" with hotelinterface 0 and no guests
 */
private function getHotelInfo($pdo) {
    try {
        $hotelinterface = CommonUtils::getConfigValue($pdo, "hotelinterface", 0);
        $guests = ($hotelinterface == 1)
            ? CommonUtils::fetchSqlAll($pdo, "SELECT reservationid,object,guest FROM %hsout%", null)
            : array();
        return array("status" => "OK", "hotelinterface" => $hotelinterface, "guests" => $guests);
    } catch (Exception $e) {
        return array("status" => "ERROR", "hotelinterface" => 0, "guests" => array());
    }
}
/**
 * Returns the customers whose vacation covers the current date: check-in
 * on or before today and check-out on or after today, where a missing
 * check-in or a missing check-out counts as open-ended.
 *
 * @param PDO $pdo open database connection
 * @return array status "OK" with 'guests' (id, object, guest = "name - room"),
 *               or only status "ERROR" on any exception
 */
private function getGuestInfo($pdo) {
    try {
        $fragments = array(
            "SELECT %customers%.id as id,%customers%.id as object,CONCAT(IFNULL(name,''),' - ',IFNULL(room,'')) as guest",
            "FROM %customers%,%vacations%",
            "WHERE %customers%.id=%vacations%.customerid AND (",
            "((checkin <= CURDATE()) AND (CURDATE() <= checkout))",
            "OR (checkin is null AND (CURDATE() <= checkout))",
            "OR ((checkin <= CURDATE()) AND checkout is null)",
            ") GROUP BY id,object,guest"
        );
        $guests = CommonUtils::fetchSqlAll($pdo, implode(" ", $fragments), null);
        return array("status" => "OK", "guests" => $guests);
    } catch (Exception $ex) {
        return array("status" => "ERROR");
    }
}
/**
 * Echoes all roles, as returned by getRoleListCore(), in the form
 * {"status":"OK","msg":[...]}.
 */
function getRoleList() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $answer = array("status" => "OK", "msg" => $this->getRoleListCore($pdo));
    echo json_encode($answer);
}
/**
 * Reads every row of the %roles% table, ordered by the right flags.
 *
 * @param PDO $pdo open database connection
 * @return array list of roles as associative arrays (all columns)
 */
function getRoleListCore($pdo) {
    $query = "SELECT * from %roles% ORDER BY is_admin,right_manager,right_waiter DESC,right_kitchen DESC,right_bar DESC,right_paydesk DESC,right_bill DESC,right_supply DESC";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($query));
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
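/**
 * Echoes all active users joined with their role, plus the list of all
 * roles, as {"users":[...],"roles":[...]}.
 *
 * The query selects every column of %user%, which includes the
 * 'userpassword' hash column that createNewUser() fills. The hash is
 * removed from each row before the answer is encoded, because a user
 * administration view has no need for it and it should not leave the
 * server.
 */
function getUserList() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $sql = "SELECT *,%user%.id as id,is_admin,right_manager FROM %user%,%roles% WHERE active='1' AND %user%.roleid=%roles%.id ORDER BY is_admin,right_manager,right_waiter DESC,right_kitchen DESC,right_bar DESC,right_paydesk DESC,right_bill DESC,right_supply DESC";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute();
    $users = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // Never send stored password hashes to the client.
    foreach ($users as $index => $user) {
        unset($users[$index]['userpassword']);
    }

    $roles = $this->getRoleListCore($pdo);
    echo json_encode(array("users" => $users, "roles" => $roles));
}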
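/**
 * Sets the server clock through the system 'date' command (admins only,
 * not available on Windows) and then sends the general config items.
 *
 * The argument of 'date' has the form MMDDhhmmYY. All five parts are now
 * forced to integers before they are formatted, and the finished argument
 * is passed through escapeshellarg(). Previously the last two characters
 * of $year were appended to the shell command without any check, so the
 * command line contained request data that was never validated.
 *
 * @param mixed $day   day of month
 * @param mixed $month month
 * @param mixed $year  year; only its last two digits are used
 * @param mixed $hour  hour
 * @param mixed $min   minute
 * @return false|null false when the caller is no admin or the server runs
 *                    on Windows, otherwise nothing
 */
function setTime($day, $month, $year, $hour, $min) {
    if (!($this->userrights->hasCurrentUserRight('is_admin'))) {
        echo json_encode(array("status" => "ERROR", "msg" => "Benutzerrechte nicht ausreichend!"));
        return false;
    }

    // Two-digit year as a number, so nothing but digits can reach the command.
    $twoDigitYear = abs((int) $year) % 100;
    $txt = sprintf("%02d%02d%02d%02d%02d", $month, $day, $hour, $min, $twoDigitYear);

    try {
        if (substr(php_uname(), 0, 7) == "Windows") {
            echo json_encode(array("status" => "ERROR", "msg" => "Zeit auf Windows-Server kann nicht gesetzt werden!"));
            return false;
        }
        $cmd = "date " . escapeshellarg($txt);
        shell_exec($cmd . " > /dev/null &");
    } catch (Exception $e) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_SCRIPT_NOT_EXECUTABLE, "msg" => ERROR_SCRIPT_NOT_EXECUTABLE_MSG));
    }
    $this->getGeneralConfigItems(true, null);
}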
/**
 * Updates one role from the POST data and records the change in the
 * history of every active user that has this role.
 *
 * Two guards protect admin roles: a non-admin may neither set the admin
 * flag (POST 'isAdmin' equal to 1) nor edit a role that already is an
 * admin role. Column names in the UPDATE come from DbUtils::$userCols,
 * not from the request; all values are bound as parameters.
 *
 * NOTE(review): the first guard only matches the value 1; confirm that no
 * other value of the posted admin flag is later read back as "is admin".
 */
function updateRole() {
    if (session_id() == '') {
        session_start();
    }
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    $requestsAdminFlag = ($_POST["isAdmin"] == 1);
    if ($requestsAdminFlag && (!$_SESSION['is_admin'])) {
        echo json_encode(array("status" => "ERROR", "msg" => "Nicht-Admins dürfen keine Rollen mit Admin-Rechten setzen!"));
        return;
    }

    $roleid = $_POST["roleid"];
    $targetIsAdminRole = self::isRoleAdmin($pdo, $roleid);
    if ($targetIsAdminRole && !($this->isCurrentUserAdmin())) {
        echo json_encode(array("status" => "ERROR", "msg" => "Benutzer ist kein Admin und darf keine Admin-Rollen bearbeiten!"));
        return;
    }

    // Users of this role are collected before the update so their history can be refreshed after it.
    $affectedUsers = CommonUtils::fetchSqlAll($pdo, "SELECT id FROM %user% WHERE roleid=? AND active='1'", array($roleid));

    $assignments = array();
    $params = array();
    foreach (DbUtils::$userCols as $userCol) {
        if (is_null($userCol["update"])) {
            continue;
        }
        $assignments[] = $userCol["col"] . "=?";
        $params[] = $_POST[$userCol["update"]];
    }
    $assignments[] = "name=?";
    $params[] = $_POST["username"];
    // Last parameter belongs to the WHERE clause.
    $params[] = $roleid;

    $updateSql = "UPDATE %roles% SET " . implode(",", $assignments) . " WHERE id=?";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($updateSql));
    $stmt->execute($params);

    foreach ($affectedUsers as $affectedUser) {
        HistFiller::updateUserInHist($pdo, $affectedUser["id"]);
    }
    echo json_encode(array("status" => "OK"));
}
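/**
 * Creates a new role from the POST data and echoes {"status":"OK"}.
 *
 * Column names come from DbUtils::$userCols (the 'username' column is
 * stored as 'name' in %roles%), never from the request; all values are
 * bound as parameters.
 *
 * updateRole() refuses to let a non-admin set the admin flag on a role.
 * The same rule is applied here: when the value for the 'is_admin' column
 * is 1 and the current user is not an admin, the request is rejected with
 * ERROR_COMMAND_NOT_ADMIN and nothing is written.
 */
function createNewRole() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $columns = array();
    $values = array();
    $placeholders = array();

    foreach (DbUtils::$userCols as $userCol) {
        if (is_null($userCol["new"])) {
            continue;
        }
        $column = ($userCol["col"] == "username") ? "name" : $userCol["col"];
        $value = $_POST[$userCol['new']];

        // Same comparison as the admin-flag guard in updateRole().
        if (($column == "is_admin") && ($value == 1) && !($this->isCurrentUserAdmin())) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_ADMIN, "msg" => ERROR_COMMAND_NOT_ADMIN_MSG));
            return;
        }

        $columns[] = $column;
        $values[] = $value;
        $placeholders[] = '?';
    }

    $sql = "INSERT INTO %roles% (" . implode(",", $columns) . ") VALUES(" . implode(",", $placeholders) . ")";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute($values);
    echo json_encode(array("status" => "OK"));
}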
/**
 * Creates a new active user from the POST fields 'name', 'password' and
 * 'roleid' and records it in the user history.
 *
 * Rejected with ERROR_NAME_EXISTS_ALREADY when an active user of that name
 * exists, and with ERROR_COMMAND_NOT_ADMIN when a non-admin tries to
 * assign an admin role. The new user inherits the language of the session.
 *
 * NOTE(review): the password is stored as an unsalted MD5 hash, which is
 * not suitable for password storage. Moving to password_hash() and
 * password_verify() also requires changing the login check and migrating
 * the stored hashes; neither is visible from this method, so the hashing
 * is left as it is here.
 */
function createNewUser() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $username = $_POST['name'];
    $password = $_POST['password'];
    $roleid = $_POST['roleid'];

    $countSql = "SELECT count(id) as countid FROM %user% WHERE active='1' AND username=?";
    $countStmt = $pdo->prepare(DbUtils::substTableAlias($countSql));
    $countStmt->execute(array($username));
    $countRow = $countStmt->fetchObject();
    if ($countRow->countid > 0) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_NAME_EXISTS_ALREADY, "msg" => ERROR_NAME_EXISTS_ALREADY_MSG));
        return;
    }

    if (session_id() == '') {
        session_start();
    }
    $lang = $_SESSION['language'];

    $roleIsAdmin = self::isRoleAdmin($pdo, $roleid);
    if ($roleIsAdmin && !($this->isCurrentUserAdmin())) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_ADMIN, "msg" => ERROR_COMMAND_NOT_ADMIN_MSG));
        return;
    }

    $password_hash = md5($password);

    // The seven trailing 1s are the defaults for the UI preference columns and 'active'.
    $insertSql = "INSERT INTO %user% (username,userpassword,roleid,language,showplusminus,keeptypelevel,extrasapplybtnpos,prefertablemap,preferimgdesk,preferimgmobile,active) VALUES(?,?,?,?,?,?,?,?,?,?,?)";
    $insertStmt = $pdo->prepare(DbUtils::substTableAlias($insertSql));
    $insertStmt->execute(array($username, $password_hash, $roleid, $lang, 1, 1, 1, 1, 1, 1, 1));

    $newUserId = $pdo->lastInsertId();
    HistFiller::createUserInHist($pdo, $newUserId);

    echo json_encode(array("status" => "OK"));
}
/**
 * Echoes the 'payprinttype' config value as JSON.
 */
function getPayPrintType() {
    $connection = DbUtils::openDbAndReturnPdoStatic();
    $this->sendJsonValueFromConfigTable($connection, 'payprinttype');
}
/**
 * Echoes the available payment types in the session language together
 * with the hotel interface setting, the hotel guests and the internal
 * guests.
 *
 * Payment id 7 is left out unless the hotel interface is enabled. The
 * name column depends on the session language: 1 uses name_en, 2 uses
 * name_esp, anything else uses name.
 */
function getPayments() {
    if (session_id() == '') {
        session_start();
    }
    $pdo = $this->dbutils->openDbAndReturnPdo();

    $hotelinterface = CommonUtils::getConfigValue($pdo, "hotelinterface", 0);
    $where = ($hotelinterface != 0) ? "" : "WHERE id <> 7";

    $lang = $_SESSION['language'];
    // Only fixed column expressions are put into the statement text.
    $nameColumn = "name";
    if ($lang == 1) {
        $nameColumn = "name_en as name";
    } else if ($lang == 2) {
        $nameColumn = "name_esp as name";
    }
    $sql = "SELECT id,$nameColumn FROM %payment% $where";

    $stmt_query = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
    $stmt_query->execute();

    $payments = array();
    foreach ($stmt_query->fetchAll() as $row) {
        $payments[] = array("id" => $row['id'], "name" => $row['name']);
    }

    $hotelinfo = $this->getHotelInfo($pdo);
    $internalguests = $this->getGuestInfo($pdo);

    echo json_encode(array(
        "payments" => $payments,
        "hotelinterface" => $hotelinfo["hotelinterface"],
        "guests" => $hotelinfo["guests"],
        "internalguests" => $internalguests["guests"]
    ));
}
/**
 * Echoes one config value as JSON; a value that compares equal to null is
 * sent as an empty string.
 *
 * @param PDO    $pdo        open database connection
 * @param string $whichValue name of the config entry
 */
function sendJsonValueFromConfigTable($pdo, $whichValue) {
    $configValue = CommonUtils::getConfigValue($pdo, $whichValue, "");
    // Loose comparison on purpose: it decides which values are reported as "".
    echo json_encode(($configValue == null) ? "" : $configValue);
}
/**
 * Stores a name/setting pair in the given table: updates the row when the
 * name exists, otherwise inserts a new one.
 *
 * $theTable is placed into the statement text as it is (item and value are
 * bound as parameters), so it must always be a fixed table alias chosen by
 * the code, as in the calls with "%logo%", and never request data.
 *
 * @param PDO    $pdo      open database connection
 * @param string $theItem  value of the 'name' column
 * @param mixed  $theValue value of the 'setting' column
 * @param string $theTable table alias, e.g. "%logo%"
 */
private static function changeItemInTable($pdo, $theItem, $theValue, $theTable) {
    $existing = CommonUtils::fetchSqlAll($pdo, "SELECT id FROM $theTable WHERE name=?", array($theItem));
    if (count($existing) != 0) {
        CommonUtils::execSql($pdo, "UPDATE $theTable SET setting=? WHERE name=?", array($theValue, $theItem));
        return;
    }
    CommonUtils::execSql($pdo, "INSERT INTO $theTable (name,setting) VALUES(?,?)", array($theItem, $theValue));
}
/**
 * Removes the stored logo by setting the 'logoimg' entry of the logo table
 * to null, then echoes JSON "OK".
 */
private function deletelogo() {
    $connection = DbUtils::openDbAndReturnPdoStatic();
    $noImage = null;
    self::changeItemInTable($connection, "logoimg", $noImage, "%logo%");
    echo json_encode("OK");
}
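/**
 * Takes the uploaded file 'logofile', stores its content as the logo and
 * redirects the browser to the info page with a success or error text.
 *
 * Changes against the earlier version: a request without the 'logofile'
 * field is answered with the "no file given" redirect instead of raising
 * notices, a failed read of the temporary file is reported, and a second,
 * unreachable copy of the upload-error check was dropped.
 *
 * The size limit is 65535 bytes. The content is stored exactly as
 * uploaded.
 * NOTE(review): nothing checks that the bytes are an image; confirm how
 * the logo is delivered to browsers and consider validating the image
 * format before it is stored.
 */
private function readlogo() {
    $errorTarget = "Location: ../infopage.html?e=manager.html=";

    if (!isset($_FILES['logofile'])) {
        header($errorTarget . "Datei_nicht_angegeben.");
        exit();
    }
    $upload = $_FILES['logofile'];

    if ($upload['error'] != UPLOAD_ERR_OK           // upload reported an error
        && is_uploaded_file($upload['tmp_name'])) { // but a file was transferred
        header($errorTarget . "Kann_Datei_nicht_laden.");
        exit();
    }
    // is_uploaded_file() makes sure the path really is the upload of this request.
    if (!file_exists($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
        header($errorTarget . "Datei_nicht_angegeben.");
        exit();
    }

    $content = file_get_contents($upload['tmp_name']);
    if ($content === false) {
        header($errorTarget . "Kann_Datei_nicht_laden.");
        exit();
    }
    if (strlen($content) > 65535) {
        header($errorTarget . "Logobild_muss_kleiner_als_64_Kilobytes_sein!");
        exit();
    }

    $pdo = DbUtils::openDbAndReturnPdoStatic();
    self::changeItemInTable($pdo, "logoimg", $content, "%logo%");

    header("Location: ../infopage.html?i=manager.html=Import_war_erfolgreich."); // redirect the browser
    exit;
}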
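/**
 * Apply a list of configuration changes and report the outcome as JSON.
 *
 * Each element of $changedValues is expected to be an array with the keys
 * 'name' (a key of the table below) and 'value'. The value is normalised
 * for some items, checked to be numeric where the table demands it, and
 * written with changeOneConfigDbItem(). Entries that are malformed, name an
 * unknown item, or fail the numeric check are skipped and turn the reply
 * into the ERROR status; all other entries are still applied.
 *
 * @param array $changedValues list of array('name' => ..., 'value' => ...)
 */
function changeConfig($changedValues) {
    $pdo = $this->dbutils->openDbAndReturnPdo();
    // request name => database item; checknum 1 means the value must be numeric
    $assoc_vals = array(
        " usstval " => array(" dbcol " => " tax ", " checknum " => 1),
        " togotaxval " => array(" dbcol " => " togotax ", " checknum " => 1),
        " taxaustrianormalval " => array(" dbcol " => " taxaustrianormal ", " checknum " => 1),
        " taxaustriaerm1val " => array(" dbcol " => " taxaustriaerm1 ", " checknum " => 1),
        " taxaustriaerm2val " => array(" dbcol " => " taxaustriaerm2 ", " checknum " => 1),
        " taxaustriaspecialval " => array(" dbcol " => " taxaustriaspecial ", " checknum " => 1),
        " stornocode " => array(" dbcol " => " stornocode ", " checknum " => 0),
        " printpass " => array(" dbcol " => " printpass ", " checknum " => 0),
        " companyinfo " => array(" dbcol " => " companyinfo ", " checknum " => 0),
        " hosttext " => array(" dbcol " => " hosttext ", " checknum " => 0),
        " rectemplate " => array(" dbcol " => " rectemplate ", " checknum " => 0),
        " foodtemplate " => array(" dbcol " => " foodtemplate ", " checknum " => 0),
        " drinktemplate " => array(" dbcol " => " drinktemplate ", " checknum " => 0),
        " canceltemplate " => array(" dbcol " => " canceltemplate ", " checknum " => 0),
        " serverUrl " => array(" dbcol " => " serverurl ", " checknum " => 0),
        " guesturl " => array(" dbcol " => " guesturl ", " checknum " => 0),
        " guestcode " => array(" dbcol " => " guestcode ", " checknum " => 0),
        " dailycode " => array(" dbcol " => " dailycode ", " checknum " => 0),
        " email " => array(" dbcol " => " email ", " checknum " => 0),
        " emailbadrating " => array(" dbcol " => " emailbadrating ", " checknum " => 0),
        " emailratingcontact " => array(" dbcol " => " emailratingcontact ", " checknum " => 0),
        " receiveremail " => array(" dbcol " => " receiveremail ", " checknum " => 0),
        " payprinttype " => array(" dbcol " => " payprinttype ", " checknum " => 0),
        " paymentconfig " => array(" dbcol " => " paymentconfig ", " checknum " => 0),
        " addreceipttoprinter " => array(" dbcol " => " addreceipttoprinter ", " checknum " => 0),
        " bigfontworkreceipt " => array(" dbcol " => " bigfontworkreceipt ", " checknum " => 0),
        " prominentsearch " => array(" dbcol " => " prominentsearch ", " checknum " => 0),
        " guestjobprint " => array(" dbcol " => " guestjobprint ", " checknum " => 0),
        " askdaycode " => array(" dbcol " => " askdaycode ", " checknum " => 0),
        " asktablecode " => array(" dbcol " => " asktablecode ", " checknum " => 0),
        " showdaycode " => array(" dbcol " => " showdaycode ", " checknum " => 0),
        " guesttimeout " => array(" dbcol " => " guesttimeout ", " checknum " => 0),
        " discount1 " => array(" dbcol " => " discount1 ", " checknum " => 0),
        " discount2 " => array(" dbcol " => " discount2 ", " checknum " => 0),
        " discount3 " => array(" dbcol " => " discount3 ", " checknum " => 0),
        " austria " => array(" dbcol " => " austria ", " checknum " => 0),
        " digigopaysetready " => array(" dbcol " => " digigopaysetready ", " checknum " => 0),
        " waitergopayprint " => array(" dbcol " => " waitergopayprint ", " checknum " => 0),
        " oneprodworkrecf " => array(" dbcol " => " oneprodworkrecf ", " checknum " => 0),
        " oneprodworkrecd " => array(" dbcol " => " oneprodworkrecd ", " checknum " => 0),
        " digiprintwork " => array(" dbcol " => " digiprintwork ", " checknum " => 0),
        " groupworkitemsf " => array(" dbcol " => " groupworkitemsf ", " checknum " => 0),
        " groupworkitemsd " => array(" dbcol " => " groupworkitemsd ", " checknum " => 0),
        " workflowconfig " => array(" dbcol " => " workflowconfig ", " checknum " => 0),
        " dashslot1 " => array(" dbcol " => " dashslot1 ", " checknum " => 0),
        " dashslot2 " => array(" dbcol " => " dashslot2 ", " checknum " => 0),
        " dashslot3 " => array(" dbcol " => " dashslot3 ", " checknum " => 0),
        " receiptfontsize " => array(" dbcol " => " receiptfontsize ", " checknum " => 0),
        " billlanguage " => array(" dbcol " => " billlanguage ", " checknum " => 0),
        " hotelinterface " => array(" dbcol " => " hotelinterface ", " checknum " => 0),
        " hsinfile " => array(" dbcol " => " hsinfile ", " checknum " => 0),
        " hsoutfile " => array(" dbcol " => " hsoutfile ", " checknum " => 0),
        " hscurrency " => array(" dbcol " => " hscurrency ", " checknum " => 0),
        " reservationnote " => array(" dbcol " => " reservationnote ", " checknum " => 0),
        " remoteaccesscode " => array(" dbcol " => " remoteaccesscode ", " checknum " => 0),
        " webimpressum " => array(" dbcol " => " webimpressum ", " checknum " => 0),
        " cancelunpaidcode " => array(" dbcol " => " cancelunpaidcode ", " checknum " => 0),
        " cancelguestcode " => array(" dbcol " => " cancelguestcode ", " checknum " => 0),
        " printandqueuejobs " => array(" dbcol " => " printandqueuejobs ", " checknum " => 0),
        " cashenabled " => array(" dbcol " => " cashenabled ", " checknum " => 0),
        " returntoorder " => array(" dbcol " => " returntoorder ", " checknum " => 0),
        " beepcooked " => array(" dbcol " => " beepcooked ", " checknum " => 0),
        " beepordered " => array(" dbcol " => " beepordered ", " checknum " => 0),
        " closshowci " => array(" dbcol " => " closshowci ", " checknum " => 0),
        " closshowpaytaxes " => array(" dbcol " => " closshowpaytaxes ", " checknum " => 0),
        " closshowprods " => array(" dbcol " => " closshowprods ", " checknum " => 0),
        " showpayment2 " => array(" dbcol " => " showpayment2 ", " checknum " => 0),
        " showpayment3 " => array(" dbcol " => " showpayment3 ", " checknum " => 0),
        " showpayment4 " => array(" dbcol " => " showpayment4 ", " checknum " => 0),
        " showpayment5 " => array(" dbcol " => " showpayment5 ", " checknum " => 0),
        " showpayment6 " => array(" dbcol " => " showpayment6 ", " checknum " => 0),
        " showpayment7 " => array(" dbcol " => " showpayment7 ", " checknum " => 0),
        " showpayment8 " => array(" dbcol " => " showpayment8 ", " checknum " => 0),
        " restaurantmode " => array(" dbcol " => " restaurantmode ", " checknum " => 0),
        " dblog " => array(" dbcol " => " dblog ", " checknum " => 0),
        " printextras " => array(" dbcol " => " printextras ", " checknum " => 0),
        " forceprint " => array(" dbcol " => " forceprint ", " checknum " => 0),
        " priceinlist " => array(" dbcol " => " priceinlist ", " checknum " => 0),
        " smtphost " => array(" dbcol " => " smtphost ", " checknum " => 0),
        " smtpauth " => array(" dbcol " => " smtpauth ", " checknum " => 1),
        " smtpuser " => array(" dbcol " => " smtpuser ", " checknum " => 0),
        " smtppass " => array(" dbcol " => " smtppass ", " checknum " => 0),
        " smtpsecure " => array(" dbcol " => " smtpsecure ", " checknum " => 1),
        " smtpport " => array(" dbcol " => " smtpport ", " checknum " => 0),
        " startprodsearch " => array(" dbcol " => " startprodsearch ", " checknum " => 1),
        " discountname1 " => array(" dbcol " => " discountname1 ", " checknum " => 0),
        " discountname2 " => array(" dbcol " => " discountname2 ", " checknum " => 0),
        " discountname3 " => array(" dbcol " => " discountname3 ", " checknum " => 0),
        " memorylimit " => array(" dbcol " => " memorylimit ", " checknum " => 0),
        " minbeforecome " => array(" dbcol " => " minbeforecome ", " checknum " => 0),
        " minaftergo " => array(" dbcol " => " minaftergo ", " checknum " => 0),
        " updateurl " => array(" dbcol " => " updateurl ", " checknum " => 0),
        " tmpdir " => array(" dbcol " => " tmpdir ", " checknum " => 0),
        " ftphost " => array(" dbcol " => " ftphost ", " checknum " => 0),
        " ftpuser " => array(" dbcol " => " ftpuser ", " checknum " => 0),
        " ftppass " => array(" dbcol " => " ftppass ", " checknum " => 0),
        " hs3refresh " => array(" dbcol " => " hs3refresh ", " checknum " => 0),
        " paydeskid " => array(" dbcol " => " paydeskid ", " checknum " => 0),
        " aeskey " => array(" dbcol " => " aeskey ", " checknum " => 0),
        // these two entries used the misspelt key "checksum", which left
        // "checknum" undefined when it was read further down
        " certificatesn " => array(" dbcol " => " certificatesn ", " checknum " => 0),
        " rksvserver " => array(" dbcol " => " rksvserver ", " checknum " => 0)
    );

    $problem = false;
    foreach ($changedValues as $aChangeSet) {
        $name = (is_array($aChangeSet) && isset($aChangeSet['name'])) ? $aChangeSet['name'] : null;
        // Only names from the table may reach the database layer; anything
        // else used to be passed on with an undefined (null) item name.
        if (!is_string($name) || !isset($assoc_vals[$name])) {
            $problem = true;
            continue;
        }
        $aVal = isset($aChangeSet['value']) ? $aChangeSet['value'] : null;

        switch ($name) {
            case " payprinttype ":
                // numeric selection is stored as a letter code
                if (((string) $aVal) == " 1 ") {
                    $aVal = " l ";
                }
                if (((string) $aVal) == " 2 ") {
                    $aVal = " s ";
                }
                break;
            case 'addreceipttoprinter':
                if ((((string) $aVal) == " 0 ") || (!is_numeric($aVal))) {
                    $aVal = null;
                }
                break;
            case " remoteaccesscode ":
                // NOTE(review): unsalted MD5 is a weak way to store a secret.
                // backup() in this class compares against md5() as well, so
                // a stronger scheme has to be introduced in both places.
                if (((string) $aVal) == " ") {
                    $aVal = null;
                } else {
                    $aVal = md5($aVal);
                }
                break;
            case " printpass ":
                // NOTE(review): same MD5 weakness; the code that verifies
                // this value is not part of this method.
                $aVal = md5($aVal);
                break;
            case " startprodsearch ":
                if (is_numeric($aVal)) {
                    $aVal = round($aVal);
                }
                break;
            case " memorylimit ":
                // " -1 " is passed through; otherwise 64..65535, default 256
                $aVal = trim($aVal);
                if ($aVal != " -1 ") {
                    if (!ctype_digit($aVal)) {
                        $aVal = " 256 ";
                    }
                    $aVal = intval($aVal);
                    if (($aVal < 64) || ($aVal > 65535)) {
                        $aVal = 256;
                    }
                }
                break;
            case " minbeforecome ":
            case " minaftergo ":
                // " -1 " is passed through; otherwise a non-negative integer
                $aVal = trim($aVal);
                if ($aVal != " -1 ") {
                    if (!ctype_digit($aVal)) {
                        $aVal = " 0 ";
                    }
                    $aVal = intval($aVal);
                    if ($aVal < 0) {
                        $aVal = 0;
                    }
                }
                break;
            case " guesttimeout ":
                if (is_numeric($aVal)) {
                    $aVal = round($aVal);
                    if ($aVal < 0) {
                        $aVal = 0;
                    }
                } else {
                    $aVal = 5;
                }
                break;
            case " updateurl ":
            case " tmpdir ":
            case " ftphost ":
            case " ftpuser ":
                $aVal = trim($aVal);
                break;
            case " hs3refresh ":
                // values below 5 or non-digits fall back to 60
                $aVal = trim($aVal);
                if (!ctype_digit($aVal)) {
                    $aVal = " 60 ";
                }
                $aVal = intval($aVal);
                if ($aVal < 5) {
                    $aVal = 60;
                }
                break;
        }

        $association = $assoc_vals[$name];
        $dbcol = $association[" dbcol "];
        $check = $association[" checknum "];
        if (($check == 1) && !is_numeric($aVal)) {
            $problem = true;
            continue;
        }
        $this->changeOneConfigDbItem($pdo, $dbcol, $aVal);
    }

    if (!$problem) {
        echo json_encode(array(" status " => " OK "));
    } else {
        echo json_encode(array(" status " => " ERROR ", " code " => ERROR_COMMAND_ERROR, " msg " => ERROR_COMMAND_ERROR_MSG));
    }
}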
/**
 * Write one configuration item through the history layer.
 *
 * Creates a HistFiller and hands all three arguments unchanged to its
 * updateConfigInHist() method.
 *
 * @param mixed $pdo      database handle as returned by openDbAndReturnPdo()
 * @param mixed $theItem  name of the configuration item
 * @param mixed $theValue new value of the item
 */
function changeOneConfigDbItem($pdo, $theItem, $theValue) {
    $recorder = new HistFiller();
    $recorder->updateConfigInHist($pdo, $theItem, $theValue);
}
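/**
 * Tell whether the role with the given id carries the admin flag.
 *
 * @param mixed $pdo    open database handle
 * @param mixed $roleid id in the roles table; callers in this class pass
 *                      request data, so it may not exist
 * @return bool true only when a row was found and its is_admin equals 1
 */
public static function isRoleAdmin($pdo, $roleid) {
    $sql = " SELECT is_admin FROM %roles% WHERE id=? ";
    $roleRow = CommonUtils::getRowSqlObject($pdo, $sql, array($roleid));
    // An unknown role id yields no row object (the exact return value of
    // getRowSqlObject() is not visible here); report "not admin" explicitly
    // instead of reading a property of a non-object.
    if (!is_object($roleRow) || !isset($roleRow->is_admin)) {
        return false;
    }
    return ($roleRow->is_admin == 1);
}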
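/**
 * Tell whether the user with the given id has a role with the admin flag.
 *
 * @param mixed $pdo    open database handle
 * @param mixed $userid id in the user table
 * @return bool result of isRoleAdmin() for the user's role; false when the
 *              user row is missing or has no role assigned
 */
public static function isRoleOfUserAdmin($pdo, $userid) {
    $sql = " SELECT roleid FROM %user% WHERE id=? ";
    $userRow = CommonUtils::getRowSqlObject($pdo, $sql, array($userid));
    // deleteUser() stores a null role id, and the id may not exist at all:
    // in both cases there is no role that could be an admin role.
    if (!is_object($userRow) || !isset($userRow->roleid)) {
        return false;
    }
    return self::isRoleAdmin($pdo, $userRow->roleid);
}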
/**
 * Assign a new role to a user, taken from the POST fields 'userid' and
 * 'roleid', and echo the result as JSON.
 *
 * A caller who is not an admin may neither assign an admin role nor change
 * a user who currently has one; that request is answered with the noadmin
 * reply and nothing is written.
 */
function updateUser() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $targetUserId = $_POST['userid'];
    $newRoleId = $_POST['roleid'];

    $newRoleIsAdmin = self::isRoleAdmin($pdo, $newRoleId);
    $targetIsAdmin = self::isRoleOfUserAdmin($pdo, $targetUserId);
    $callerIsAdmin = $this->isCurrentUserAdmin();

    // Privilege guard: only admins may grant or take away admin rights.
    if (!$callerIsAdmin && ($newRoleIsAdmin || $targetIsAdmin)) {
        echo json_encode(" noadmin ");
        return;
    }

    CommonUtils::execSql($pdo, " UPDATE %user% SET roleid=? WHERE id=? ", array($newRoleId, $targetUserId));
    // record the changed user in the history tables
    HistFiller::updateUserInHist($pdo, $targetUserId);
    echo json_encode(" OK ");
}
/**
 * Delete a role unless an active user still has it, and echo a JSON status.
 *
 * @param mixed $roleid id of the role in the roles table
 */
function deleteRole($roleid) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    $usersWithRole = CommonUtils::fetchSqlAll(
        $pdo,
        " SELECT id FROM %user% WHERE roleid=? AND active='1' ",
        array($roleid)
    );
    // Refuse while the role is in use; only active users are considered.
    if (count($usersWithRole) > 0) {
        echo json_encode(array(" status " => " ERROR ", " msg " => " Rolle ist noch Benutzern zugewiesen! "));
        return;
    }

    CommonUtils::execSql($pdo, " DELETE FROM %roles% WHERE id=? ", array($roleid));
    echo json_encode(array(" status " => " OK "));
}
/**
 * Deactivate a user (the row is kept, active is set to '0') and echo the
 * result as JSON.
 *
 * A caller who is not an admin cannot deactivate a user whose role is an
 * admin role; that request gets the noadmin reply.
 *
 * @param mixed $theUserId id of the user in the user table
 */
function deleteUser($theUserId) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    $targetIsAdmin = self::isRoleOfUserAdmin($pdo, $theUserId);
    $callerIsAdmin = $this->isCurrentUserAdmin();
    if ($targetIsAdmin && !$callerIsAdmin) {
        echo json_encode(" noadmin ");
        return;
    }

    CommonUtils::execSql($pdo, " UPDATE %user% set active='0' WHERE id=? ", array($theUserId));
    // The history entry is written before the role is cleared below
    // (presumably so it still records the role - verify in HistFiller).
    HistFiller::updateUserInHist($pdo, $theUserId);
    CommonUtils::execSql($pdo, " UPDATE %user% set roleid=? WHERE id=? ", array(null, $theUserId));
    echo json_encode(" OK ");
}
/**
 * Echo the name of the logged-in user as JSON.
 *
 * The session flag 'angemeldet' decides: when it is missing or false the
 * placeholder string is sent, otherwise the session value 'currentuser'.
 */
function getCurrentUser() {
    $loggedIn = isset($_SESSION['angemeldet']) && $_SESSION['angemeldet'];
    if ($loggedIn) {
        echo json_encode($_SESSION['currentuser']);
        return;
    }
    echo json_encode(" Nobody ");
}
/**
 * Set a new password for the active user with the given id and echo the
 * result as JSON (error reply for an unknown or inactive user, noadmin
 * reply when the caller lacks the right, OK reply on success).
 *
 * A caller who is not an admin cannot change the password of a user whose
 * role is an admin role.
 *
 * NOTE(review): the password is stored as an unsalted MD5 hash, which is
 * weak against offline guessing. Moving to password_hash() needs the login
 * check (not part of this method) to change at the same time.
 *
 * @param mixed  $userid   id of the user in the user table
 * @param string $password new password in clear text
 */
function changepassword($userid, $password) {
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    // the target must exist and be active
    $countSql = " SELECT count(id) as countid FROM %user% WHERE active='1' AND id=? ";
    $countStmt = $pdo->prepare(DbUtils::substTableAlias($countSql));
    $countStmt->execute(array($userid));
    $countRow = $countStmt->fetchObject();
    if ($countRow->countid == 0) {
        echo json_encode(" ERROR ");
        return;
    }

    $targetIsAdmin = self::isRoleOfUserAdmin($pdo, $userid);
    $callerIsAdmin = $this->isCurrentUserAdmin();
    if ($targetIsAdmin && !$callerIsAdmin) {
        echo json_encode(" noadmin ");
        return;
    }

    if (session_id() == '') {
        session_start();
    }
    // second guard, evaluated once the session is certainly open
    $isOtherUser = ($_SESSION['userid'] != $userid);
    if ($isOtherUser && $targetIsAdmin && !($this->isCurrentUserAdmin())) {
        echo json_encode(" noadmin ");
        return;
    }

    $updateSql = " UPDATE %user% set userpassword=? WHERE active='1' AND id=? ";
    CommonUtils::execSql($pdo, $updateSql, array(md5($password), $userid));
    echo json_encode(" OK ");
}
/**
 * Remember the language of the logged-in user in the session and in the
 * user table, then echo the OK reply as JSON.
 *
 * The session receives intval($language); the database statement is bound
 * to $language as passed in.
 *
 * @param mixed $language language id
 */
function setUserLanguage($language) {
    if (session_id() == '') {
        session_start();
    }
    $sessionUserId = $_SESSION['userid'];
    $_SESSION['language'] = intval($language);

    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $query = DbUtils::substTableAlias(" UPDATE %user% set language=? WHERE active='1' AND id=? ");
    $statement = $pdo->prepare($query);
    $statement->execute(array($language, $sessionUserId));

    echo json_encode(" OK ");
}
/**
 * Remember the receipt printer of the logged-in user in the session and in
 * the user table, then echo the OK reply as JSON.
 *
 * The session receives intval($printer); the database statement is bound to
 * $printer as passed in.
 *
 * @param mixed $printer printer id
 */
function setUserReceiptPrinter($printer) {
    if (session_id() == '') {
        session_start();
    }
    $sessionUserId = $_SESSION['userid'];
    $_SESSION['receiptprinter'] = intval($printer);

    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $query = DbUtils::substTableAlias(" UPDATE %user% set receiptprinter=? WHERE active='1' AND id=? ");
    $statement = $pdo->prepare($query);
    $statement->execute(array($printer, $sessionUserId));

    echo json_encode(" OK ");
}
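/**
 * Remember one button size of the logged-in user in the session and in the
 * user table, then echo a JSON status.
 *
 * $btn selects the column through a fixed lookup table, so the column name
 * placed into the SQL text can only be one of the three listed below. A
 * selector that is not in the table is answered with the error reply and
 * nothing is written (previously an empty column name ended up in the
 * statement).
 *
 * @param mixed $btn  selector, a key of the lookup table
 * @param mixed $size size value; the session receives intval($size)
 */
function setBtnSize($btn, $size) {
    if (session_id() == '') {
        session_start();
    }
    $currentuserid = $_SESSION['userid'];

    $assoc = array(" 0 " => " roombtnsize ", " 1 " => " tablebtnsize ", " 2 " => " prodbtnsize ");
    // Only scalar keys that exist in the table are accepted.
    if (!(is_string($btn) || is_int($btn)) || !isset($assoc[$btn])) {
        echo json_encode(" ERROR ");
        return;
    }
    $column = $assoc[$btn];
    $_SESSION[$column] = intval($size);

    $pdo = DbUtils::openDbAndReturnPdoStatic();
    // $column comes from the table above, never from the request itself
    $sql = " UPDATE %user% set " . $column . " =? WHERE active='1' AND id=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($size, $currentuserid));

    echo json_encode(" OK ");
}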
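/**
 * Change the password of the logged-in user after checking the old one, and
 * echo the OK or FAILED reply as JSON.
 *
 * The user is identified by the session value 'currentuser' and must be
 * active. The stored value is compared with md5($oldpassword).
 *
 * NOTE(review): passwords are stored as unsalted MD5 hashes, which is weak
 * against offline guessing. Moving to password_hash()/password_verify()
 * needs the login check (not part of this method) to change as well.
 *
 * @param string $oldpassword current password in clear text
 * @param string $newpassword new password in clear text
 */
function changeOwnPassword($oldpassword, $newpassword) {
    if (session_id() == '') {
        session_start();
    }
    $currentuser = $_SESSION['currentuser'];
    $pdo = DbUtils::openDbAndReturnPdoStatic();

    $sql = " SELECT userpassword FROM %user% WHERE username=? AND active='1' ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($currentuser));
    $row = $stmt->fetchObject();
    // fetchObject() returns no object when there is no active user of that name
    if (!is_object($row)) {
        echo json_encode(" FAILED ");
        return;
    }

    // Strict comparison: with != two different hex digests that both look
    // like numbers (for example "0e" followed only by digits) are compared
    // numerically and can count as equal. hash_equals() is the better choice
    // where the minimum PHP version provides it.
    $oldp_hash = md5($oldpassword);
    if (((string) $row->userpassword) !== $oldp_hash) {
        echo json_encode(" FAILED ");
        return;
    }

    $newp_hash = md5($newpassword);
    $sql = " UPDATE %user% set userpassword=? WHERE active='1' AND username=? ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array($newp_hash, $currentuser));
    echo json_encode(" OK ");
}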
/**
 * Send the HTTP headers for a CSV download that must not be cached.
 *
 * @param string $defaultFilename file name offered to the browser; it is
 *                                placed into the header unquoted, and the
 *                                callers in this class pass fixed names
 */
private function writeCsvHeader($defaultFilename) {
    $downloadHeaders = array(
        " Content-type: text/x-csv ",
        " Content-Disposition: attachment; filename= $defaultFilename ",
        " Cache-Control: must-revalidate, post-check=0, pre-check=0 ",
        " Pragma: no-cache ",
        " Expires: 0 ",
    );
    foreach ($downloadHeaders as $headerLine) {
        header($headerLine);
    }
}
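/**
 * Send the history of configuration changes as a CSV download.
 *
 * One line is written per history entry with action '2' or '6': entry id,
 * date, configuration item, value and description, separated by semicolons.
 * Line breaks inside the value are replaced by a marker so that every entry
 * stays on one line, and double quotes inside the three quoted fields are
 * doubled so that a quote in a value cannot end its field early.
 */
private function exportConfigCsv() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $this->writeCsvHeader(" datenexport-config.csv ");
    echo(" Eintragsid; Datum ; Konfiguration; Wert;Beschreibung \n ");

    $sql = " SELECT DISTINCT %hist%.id as id,date, ";
    $sql .= " %config%.name as configitem,%histconfig%.setting as setting,description ";
    $sql .= " FROM %hist%, %histconfig%, %histactions%, %config% ";
    $sql .= " WHERE (refid=%histconfig%.id) ";
    $sql .= " AND %histconfig%.configid = %config%.id ";
    $sql .= " AND (action='2' OR action='6') ";
    $sql .= " AND (action=%histactions%.id) ";
    $sql .= " ORDER BY date,id ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute();
    $result = $stmt->fetchAll();

    foreach ($result as $zeile) {
        $val1 = $zeile['id'];
        $val2 = $zeile['date'];
        $val3 = $zeile['configitem'];
        $val4 = str_replace(" \r \n ", " <CR> ", $zeile['setting']);
        $val4 = str_replace(" \n ", " <CR> ", $val4);
        $val5 = $zeile['description'];

        // CSV quoting: a double quote inside a quoted field is written twice.
        $val3 = str_replace('"', '""', $val3);
        $val4 = str_replace('"', '""', $val4);
        $val5 = str_replace('"', '""', $val5);
        // NOTE(review): spreadsheet programs treat cells starting with
        // =, +, - or @ as formulas; if the export is opened there, consider
        // neutralising such values as well.
        echo " $val1 ; $val2 ; \" $val3\" ; \" $val4\" ; \" $val5\" \n ";
    }
}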
/**
 * Send the server log as a plain-text download that must not be cached.
 *
 * The log text is whatever CommonUtils::getLog() returns for the opened
 * database handle.
 */
private function exportLog() {
    $downloadHeaders = array(
        " Content-type: text/plain ",
        " Content-Disposition: attachment; filename=server.log ",
        " Cache-Control: must-revalidate, post-check=0, pre-check=0 ",
        " Pragma: no-cache ",
        " Expires: 0 ",
    );
    foreach ($downloadHeaders as $headerLine) {
        header($headerLine);
    }
    $connection = DbUtils::openDbAndReturnPdoStatic();
    echo CommonUtils::getLog($connection);
}
/**
 * Send the history of user changes as a CSV download.
 *
 * One line is written per history entry with action '3', '7' or '8': entry
 * id, date, user id, user name, one yes/no column per right and for the
 * active flag, and the description, separated by semicolons.
 *
 * NOTE(review): user name and description are written without quoting, so a
 * semicolon or line break inside them shifts the columns.
 */
private function exportUserCsv() {
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $this->writeCsvHeader(" datenexport-benutzer.csv ");
    echo(" Eintragsid; Datum ; Benutzerid; Benutzername; Adminrechte; Kellnerrechte;Kuechenrechte; Barrechte; Bereitstellungsrechte; Kassenrechte; Reportrechte; Kassenbonrechte; Angebotsrechte; Beurteilungsrechte; Preisänderungsrechte; Gästerechte; Tageserfassungsrecht; Dashboardrechte; Zeiterfassung; Zeitmanagement; Managerrechte; Aktiviert \n ");

    $sql = " SELECT DISTINCT %hist%.id as id,date, ";
    $sql .= " IFNULL(userid,'') as userid,IFNULL(username,'') as username,is_admin,right_waiter,right_kitchen,right_bar,right_supply, ";
    $sql .= " right_paydesk,right_statistics,right_bill,right_products,right_rating,right_changeprice,right_customers,right_closing,right_dash,right_timetracking,right_timemanager,right_manager,active, ";
    $sql .= " description ";
    $sql .= " FROM %hist%, %histuser%, %histactions% ";
    $sql .= " WHERE (refid=%histuser%.id) ";
    $sql .= " AND (action='3' OR action='7' OR action='8') ";
    $sql .= " AND (action=%histactions%.id) ";
    $sql .= " ORDER BY date,id ";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute();
    $rows = $stmt->fetchAll();

    // flag columns in the order of the header line above
    $flagColumns = array(
        'is_admin', 'right_waiter', 'right_kitchen', 'right_bar', 'right_supply',
        'right_paydesk', 'right_statistics', 'right_bill', 'right_products',
        'right_rating', 'right_changeprice', 'right_customers', 'right_closing',
        'right_dash', 'right_timetracking', 'right_timemanager', 'right_manager',
        'active',
    );

    foreach ($rows as $zeile) {
        $fields = array($zeile['id'], $zeile['date'], $zeile['userid'], $zeile['username']);
        foreach ($flagColumns as $column) {
            $fields[] = ($zeile[$column] == '1' ? " Ja " : " Nein ");
        }
        $fields[] = $zeile['description'];

        // The line is emitted in two pieces (fields 1-10, then 11-23), as before.
        $firstPart = array_slice($fields, 0, 10);
        $secondPart = array_slice($fields, 10);
        echo " " . implode(" ; ", $firstPart) . " ; ";
        echo " " . implode(" ; ", $secondPart) . "\n ";
    }
}
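/**
 * Create a temporary directory that only the server process can access.
 *
 * A unique name is reserved with tempnam() in $tmpFolder, or in PHP's temp
 * folder when $tmpFolder is empty after trimming; the placeholder file is
 * then replaced by a directory of the same name.
 *
 * @param string $tmpFolder parent directory, or an empty string for
 *                          sys_get_temp_dir()
 * @return string|null path of the new directory with forward slashes, or
 *                     null when it could not be created
 */
private function createDirectoryInTemp($tmpFolder) {
    $tmpFolder = trim($tmpFolder);
    $parent = (strlen($tmpFolder) == 0) ? sys_get_temp_dir() : $tmpFolder;

    $tempfile = tempnam($parent, '');
    // tempnam() returns false when no name could be reserved
    if (!is_string($tempfile) || (strlen($tempfile) == 0)) {
        return null;
    }
    if (file_exists($tempfile) && !unlink($tempfile)) {
        return null;
    }
    // The result of mkdir() decides, not a later is_dir(): mkdir() fails when
    // the name exists again, so a directory that somebody else put there in
    // the gap after unlink() is never handed back. Mode 0700 keeps other
    // local accounts out of the directory.
    if (!mkdir($tempfile, 0700)) {
        return null;
    }
    return str_replace('\\', '/', $tempfile);
}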
/**
 * Table names of the configuration backup/restore set (as the method name
 * indicates), in the order in which they are listed here.
 *
 * @return array list of table name strings
 */
private function getConfigTablesToBackupRestore() {
    $tables = array(
        " logo ", " work ", " payment ", " room ", " resttables ", " tablepos ", " tablemaps ",
        " pricelevel ", " prodtype ", " prodimages ", " products ", " config ", " roles ", " user ",
        " comments ", " histprod ", " histconfig ", " histuser ", " histactions ", " hist ",
        " extras ", " extrasprods ",
    );
    return $tables;
}
/**
 * Table names of the configuration-plus-guests backup/restore set (as the
 * method name indicates), in the order in which they are listed here.
 *
 * @return array list of table name strings
 */
private function getConfigGuestsTablesToBackupRestore() {
    $tables = array(
        " logo ", " work ", " payment ", " room ", " resttables ", " tablepos ", " tablemaps ",
        " pricelevel ", " prodtype ", " prodimages ", " products ", " config ", " roles ", " user ",
        " comments ", " histprod ", " histconfig ", " histuser ", " histactions ", " hist ",
        " extras ", " extrasprods ",
        // guest data
        " customers ", " groups ", " groupcustomer ", " vacations ",
    );
    return $tables;
}
/**
 * Table names of the complete backup/restore set without the log table (as
 * the method name indicates), in the order in which they are listed here.
 *
 * @return array list of table name strings
 */
private function getAllTablesToBackupRestore() {
    $tables = array(
        " closing ", " logo ", " printjobs ", " ratings ", " work ", " payment ", " room ",
        " resttables ", " tablepos ", " tablemaps ", " pricelevel ", " prodtype ", " prodimages ",
        " products ", " config ",
        " roles ", " user ", " reservations ", " customers ", " groups ", " groupcustomer ",
        " vacations ", " bill ", " customerlog ", " queue ", " times ", " records ",
        " recordsqueue ", " billproducts ", " hsin ", " hsout ", " comments ", " histprod ",
        " histconfig ", " histuser ", " histactions ", " hist ",
        " extras ", " extrasprods ", " queueextras ",
    );
    return $tables;
}
/**
 * Table names of the complete backup/restore set including the log table
 * (as the method name indicates), in the order in which they are listed
 * here.
 *
 * @return array list of table name strings
 */
private function getAllWithLogsTablesToBackupRestore() {
    $tables = array(
        " log ",
        " closing ", " logo ", " printjobs ", " ratings ", " work ", " payment ", " room ",
        " resttables ", " tablepos ", " tablemaps ", " pricelevel ", " prodtype ", " prodimages ",
        " products ", " config ",
        " roles ", " user ", " reservations ", " customers ", " groups ", " groupcustomer ",
        " vacations ", " bill ", " customerlog ", " queue ", " times ", " records ",
        " recordsqueue ", " billproducts ", " hsin ", " hsout ", " comments ", " histprod ",
        " histconfig ", " histuser ", " histactions ", " hist ",
        " extras ", " extrasprods ", " queueextras ",
    );
    return $tables;
}
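/**
 * Run a backup with FTP transfer and echo the result as JSON.
 *
 * Answers with an ERROR status when the PHP ftp extension is missing or when
 * host, user or password of the FTP connection are not configured; otherwise
 * the work is done by backup() with its FTP flag set and the return value of
 * backup() is echoed.
 *
 * @param mixed $theType          backup type, handed on to backup()
 * @param mixed $remoteaccesscode access code, handed on to backup()
 */
public function ftpbackup($theType, $remoteaccesscode) {
    if (!extension_loaded(" ftp ")) {
        echo json_encode(array(" status " => " ERROR ", " msg " => " PHP-Extension ftp ist nicht installiert "));
        return;
    }

    $pdo = DbUtils::openDbAndReturnPdoStatic();
    $ftphost = CommonUtils::getConfigValue($pdo, 'ftphost', '');
    $ftpuser = CommonUtils::getConfigValue($pdo, 'ftpuser', '');
    $ftppass = CommonUtils::getConfigValue($pdo, 'ftppass', '');
    $pdo = null;

    // The password test used "=" (assignment) instead of "==", so a missing
    // password was never detected and the value read above was overwritten.
    if (($ftphost == '') || ($ftpuser == '') || ($ftppass == '')) {
        echo json_encode(array(" status " => " ERROR ", " msg " => " Ftp-Verbindung wurde nicht konfiguriert "));
        return;
    }

    $ok = $this->backup($theType, $remoteaccesscode, true);
    echo json_encode($ok);
}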
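/**
 * Exports the tables selected by $theType and delivers the result as a browser
 * download or, when $doFtp is set, through doFtp().
 *
 * With a configured 'tmpdir' and the zip extension loaded, each table is written
 * to a temporary JSON file and packed into a zip archive; otherwise the whole
 * dump is built in memory as one JSON document.
 *
 * @param string $theType           "configuration", "confandguests", "all" or "auto";
 *                                  any other value selects the table set with logs
 * @param string $remoteaccesscode  verified only for type "auto"
 * @param bool   $doFtp             upload instead of sending download headers
 * @return array|null result of doFtp() when $doFtp is set; the download paths
 *                    return nothing (the zip download ends the script)
 */
public function backup($theType, $remoteaccesscode, $doFtp = false) {
    set_time_limit(60 * 60);
    date_default_timezone_set(DbUtils::getTimeZone());
    $nowtime = date('Y-m-d');

    $zipExtension = extension_loaded("zip");

    $pdo = DButils::openDbAndReturnPdoStatic();
    $tmpdir = CommonUtils::getConfigValue($pdo, 'tmpdir', '');

    if ($theType == "auto") {
        $code = CommonUtils::getConfigValue($pdo, 'remoteaccesscode', null);
        if (is_null($code)) {
            echo "No remote access code available - backup not allowed";
            return;
        }
        if (trim($code) == "") {
            echo "No remote access code set - backup not allowed";
            return;
        }
        // hash_equals() compares in constant time and as strings. A loose != on
        // two hex digests can treat "0e..." values as equal numbers on older PHP.
        // NOTE(review): the stored value is an unsalted MD5 of the code; moving to
        // password_hash()/password_verify() needs a change where the code is stored.
        if (!is_string($remoteaccesscode) || !hash_equals((string) $code, md5($remoteaccesscode))) {
            echo "Wrong remote access code used - backup not allowed";
            return;
        }
    }

    $pdo->beginTransaction();
    $genInfo = $this->getGeneralConfigItems(false, $pdo);
    $version = $genInfo["version"];

    $useZip = ($tmpdir != '') && $zipExtension;
    $extension = $useZip ? "zip" : "json";

    $fileName = "backup-" . $version . "_" . $nowtime . "-configuration.$extension";
    if ($theType == "all") {
        $fileName = "backup-" . $version . "_" . $nowtime . "-all.$extension";
    } else if ($theType == "alllogs") {
        $fileName = "backup-" . $version . "_" . $nowtime . "-all-logs.$extension";
    } else if ($theType == "confandguests") {
        $fileName = "backup-" . $version . "_" . $nowtime . "-guests.$extension";
    }

    if ($theType == "configuration") {
        $tables = $this->getConfigTablesToBackupRestore();
    } else if ($theType == "confandguests") {
        $tables = $this->getConfigGuestsTablesToBackupRestore();
    } else if (($theType == "all") || ($theType == "auto")) {
        HistFiller::insertSaveHistEntry($pdo);
        $tables = $this->getAllTablesToBackupRestore();
    } else {
        HistFiller::insertSaveHistEntry($pdo);
        $tables = $this->getAllWithLogsTablesToBackupRestore();
    }

    // Columns with these names are base64-encoded so that binary data survives JSON.
    $binaryFields = array("signature", "img", "setting", "content");
    $dbcontent = array();
    $filenames = array();

    foreach ($tables as $table) {
        // $table comes from the fixed lists above, never from the request.
        $sql = "DESCRIBE %$table%";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute();
        $fields = $stmt->fetchAll(PDO::FETCH_COLUMN);

        $fieldstr = implode(",", $fields);
        $sql = "SELECT $fieldstr from %$table%";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute();
        $result = $stmt->fetchAll(PDO::FETCH_ASSOC);

        $tableContent = array();
        foreach ($result as $row) {
            $fieldContent = array();
            foreach ($fields as $field) {
                $value = in_array($field, $binaryFields) ? base64_encode($row[$field]) : $row[$field];
                $fieldContent[] = array("f" => $field, "v" => $value);
            }
            $tableContent[] = $fieldContent;
        }

        if (!$useZip) {
            $dbcontent[] = array("t" => $table, "c" => $tableContent);
        } else {
            try {
                $tempfile = tempnam($tmpdir, "$table");
                $contentToWrite = json_encode($tableContent);
                $success = file_put_contents($tempfile, $contentToWrite);
                if ($success == FALSE) {
                    echo "Fehler: Ist das PHP-Tmp-Verzeichnis richtig gesetzt?";
                }
                $filenames[] = array("table" => $table, "file" => $tempfile);
            } catch (Exception $ex) {
                echo "Fehler: " . $ex->getMessage() . " - Ist das PHP-Tmp-Verzeichnis richtig gesetzt?";
            }
        }
    }
    $pdo->commit();

    if (!$useZip) {
        $retStr = json_encode($dbcontent);
        if ($doFtp) {
            return $this->doFtp($pdo, $fileName, $retStr, null);
        }
        ob_start();
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Cache-Control: public");
        header("Content-Description: File Transfer");
        header("Content-type: application/octet-stream");
        header("Content-Disposition: attachment; filename=\"$fileName\"");
        header("Content-Transfer-Encoding: binary");
        header("Content-Length: " . strlen($retStr));
        echo $retStr;
        ob_end_flush();
        return;
    }

    $zipfile = tempnam($tmpdir, "zip");
    $zip = new ZipArchive();
    if ($zip->open($zipfile, ZipArchive::CREATE) !== TRUE) {
        // Do not leave table dumps behind when the archive cannot be created.
        foreach ($filenames as $afilename) {
            unlink($afilename["file"]);
        }
        exit("cannot open <$zipfile>\n");
    }
    foreach ($filenames as $afilename) {
        $zip->addFile($afilename["file"], $afilename["table"]);
    }
    $zip->addFromString("version", $version);
    $zip->close();

    $ftpResult = null;
    if ($doFtp) {
        $ftpResult = $this->doFtp($pdo, $fileName, null, $zipfile);
    } else {
        header('Content-Description: File Transfer');
        header('Content-Type: application/zip');
        header('Content-Disposition: attachment; filename="' . basename($fileName) . '"');
        header('Expires: 0');
        header('Cache-Control: must-revalidate');
        header('Pragma: public');
        header('Content-Length: ' . filesize($zipfile));
        readfile($zipfile);
    }

    // The temporary files hold the exported table contents. Remove them on the
    // FTP path as well, not only after a download.
    foreach ($filenames as $afilename) {
        unlink($afilename["file"]);
    }
    unlink($zipfile);

    if ($doFtp) {
        return $ftpResult;
    }
    exit;
}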
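/**
 * Uploads a backup to the FTP server configured in 'ftphost', 'ftpuser' and 'ftppass'.
 *
 * @param PDO         $pdo       connection used to read the FTP settings
 * @param string      $filename  remote file name
 * @param string|null $content   backup content, used when $zipfile is null
 * @param string|null $zipfile   path of a local zip file to upload, or null
 * @return array status array with "status" and, on error, "msg"
 */
private function doFtp($pdo, $filename, $content, $zipfile) {
    try {
        $ftphost = CommonUtils::getConfigValue($pdo, 'ftphost', '');
        $ftpuser = CommonUtils::getConfigValue($pdo, 'ftpuser', '');
        $ftppass = CommonUtils::getConfigValue($pdo, 'ftppass', '');

        $connectError = array("status" => "ERROR", "msg" => "Ftp-Verbindung zum Server $ftphost konnte nicht hergestellt werden!");

        // ftp_connect() opens an unencrypted control connection: credentials and
        // the backup travel in clear text.
        // NOTE(review): ftp_ssl_connect() is the FTPS counterpart - confirm that the
        // target server supports it before switching.
        $conn_id = ftp_connect($ftphost);
        if (!$conn_id) {
            // Check before ftp_login(): passing false as connection is a TypeError
            // on PHP 8 and is not caught by the Exception handler below.
            return $connectError;
        }
        $login_result = ftp_login($conn_id, $ftpuser, $ftppass);
        if (!$login_result) {
            ftp_close($conn_id);
            return $connectError;
        }
        ftp_pasv($conn_id, true);

        if (is_null($zipfile)) {
            $fp = fopen('php://temp', 'r+');
            fwrite($fp, $content);
            rewind($fp);
            $upload = ftp_fput($conn_id, $filename, $fp, FTP_BINARY);
            fclose($fp);
        } else {
            $upload = ftp_put($conn_id, $filename, $zipfile, FTP_BINARY);
        }
        ftp_close($conn_id);

        if (!$upload) {
            return array("status" => "ERROR", "msg" => "Ftp-Upload war nicht erfolgreich");
        }
        return array("status" => "OK");
    } catch (Exception $ex) {
        return array("status" => "ERROR", "msg" => "Ftp-Upload war nicht erfolgreich: " . $ex->getMessage());
    }
}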
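/**
 * Entry point for restoring an uploaded backup file (form field 'userfile').
 *
 * Validates the upload and dispatches to restoreFromZip() or restoreFromJson().
 * Every failure prints a JSON error object and ends the script.
 */
private function restore() {
    set_time_limit(60 * 60);

    $sizeHint = array("status" => "ERROR", "msg" => "Datei existiert nicht. Bitte PHP-Variablen upload_max_filesize und post_max_size_checken.");

    // PHP leaves $_FILES empty when the request exceeds post_max_size.
    if (!isset($_FILES['userfile'])) {
        echo json_encode($sizeHint);
        exit();
    }

    // Report a failed upload as such. The former test combined the error code
    // with is_uploaded_file() using && and therefore never matched a failed upload.
    $uploadError = $_FILES['userfile']['error'];
    if ($uploadError != UPLOAD_ERR_OK) {
        if (($uploadError == UPLOAD_ERR_INI_SIZE) || ($uploadError == UPLOAD_ERR_FORM_SIZE)) {
            echo json_encode($sizeHint);
        } else {
            echo json_encode(array("status" => "ERROR", "msg" => "Kann Datei nicht laden."));
        }
        exit();
    }

    $uploadedPath = $_FILES['userfile']['tmp_name'];
    if (!file_exists($uploadedPath)) {
        echo json_encode($sizeHint);
        exit();
    }
    // Only accept a file that PHP itself stored for this request.
    if (!is_uploaded_file($uploadedPath)) {
        echo json_encode(array("status" => "ERROR", "msg" => "Datei konnte nicht hochgeladen werden."));
        exit();
    }

    $zipExtension = extension_loaded("zip");

    // The original file name is supplied by the client; it is used only to
    // choose the import format and never as a path.
    $origname = $_FILES['userfile']['name'];
    $pdo = DbUtils::openDbAndReturnPdoStatic();
    if (!CommonUtils::strEndsWith($origname, '.zip')) {
        $this->restoreFromJson($pdo);
        return;
    }
    if (!$zipExtension) {
        echo json_encode(array("status" => "ERROR", "msg" => "PHP-Zip-Extension ist nicht installiert."));
        exit();
    }
    $this->restoreFromZip($pdo);
}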
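/**
 * Determines the key names used by a decoded JSON backup and the version it was
 * created with.
 *
 * Two layouts are recognised: long keys ('table', 'fieldname', 'content', 'value')
 * and short keys ('t', 'f', 'c', 'v'). The short layout is assumed when the first
 * table entry has a 't' key. The version is the base64-decoded 'setting' field of
 * the config row whose 'name' is 'version'.
 *
 * @param mixed $dbContent result of json_decode(); anything that is not an array
 *                         is treated as a backup without version information
 * @return array (version, tableKey, fieldKey, contentKey, valueKey); version is "0"
 *               when none was found
 */
private function getContextOfImportedJsonFile($dbContent) {
    $tableKey = 'table';
    $fieldKey = 'fieldname';
    $contentKey = 'content';
    $valueKey = 'value';

    // json_decode() yields null for invalid JSON; count() and foreach must not
    // be applied to that.
    if (!is_array($dbContent)) {
        return array("0", $tableKey, $fieldKey, $contentKey, $valueKey);
    }

    if (isset($dbContent[0]) && is_array($dbContent[0]) && isset($dbContent[0]['t'])) {
        $fieldKey = 'f';
        $contentKey = 'c';
        $tableKey = 't';
        $valueKey = 'v';
    }

    foreach ($dbContent as $table) {
        if (!is_array($table) || !isset($table[$tableKey]) || ($table[$tableKey] != 'config')) {
            continue;
        }
        if (!isset($table[$contentKey]) || !is_array($table[$contentKey])) {
            continue;
        }

        // Find the config row named 'version'; the last matching row wins.
        $foundConfigItem = null;
        foreach ($table[$contentKey] as $aConfigItem) {
            if (!is_array($aConfigItem)) {
                continue;
            }
            foreach ($aConfigItem as $aConfigDbPart) {
                if (!is_array($aConfigDbPart) || !isset($aConfigDbPart[$fieldKey]) || !isset($aConfigDbPart[$valueKey])) {
                    continue;
                }
                if (($aConfigDbPart[$fieldKey] == 'name') && ($aConfigDbPart[$valueKey] == 'version')) {
                    $foundConfigItem = $aConfigItem;
                    break;
                }
            }
        }
        if (is_null($foundConfigItem)) {
            continue;
        }

        foreach ($foundConfigItem as $aConfigDbPart) {
            if (!is_array($aConfigDbPart) || !isset($aConfigDbPart[$fieldKey]) || !isset($aConfigDbPart[$valueKey])) {
                continue;
            }
            if ($aConfigDbPart[$fieldKey] == 'setting') {
                $bakVersion = base64_decode($aConfigDbPart[$valueKey]);
                return array($bakVersion, $tableKey, $fieldKey, $contentKey, $valueKey);
            }
        }
    }

    return array("0", $tableKey, $fieldKey, $contentKey, $valueKey);
}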
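/**
 * Finishes a restore: ends the current session, runs the version update on the
 * imported data, makes sure a 'timezone' config entry exists and optimizes tables.
 *
 * Prints a JSON status object.
 *
 * @param PDO $pdo open database connection
 */
private function completeImportProcess($pdo) {
    if (session_id() == '') {
        session_start();
    }
    // The current session is ended because the data it was based on has just
    // been replaced by the import.
    $_SESSION = array();
    if (ini_get("session.use_cookies")) {
        // Expire the session cookie in the browser.
        $params = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $params["path"], $params["domain"],
            $params["secure"], $params["httponly"]
        );
    }
    // NOTE(review): PHP's directive is spelled session.gc_maxlifetime, so the first
    // call below has no effect as written; left unchanged until the intended
    // behaviour is confirmed.
    ini_set('session.gc_max_lifetime', 0);
    ini_set('session.gc_probability', 1);
    ini_set('session.gc_divisor', 1);
    session_destroy();

    $ok = Version::runUpdateProcess($pdo, TAB_PREFIX, MYSQL_DB, null, false);
    if ($ok["status"] != "OK") {
        echo json_encode($ok);
        return;
    }

    $sql = "SELECT name FROM %config% WHERE name=?";
    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
    $stmt->execute(array("timezone"));
    $row = $stmt->fetchObject();
    // Test the fetched row: PDO does not guarantee rowCount() for SELECT statements.
    if ($row === false) {
        $timezone = DbUtils::getTimeZone();
        $this->changeOneConfigDbItem($pdo, "timezone", $timezone);
    }

    echo json_encode(self::optimizeCore($pdo));
}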
/**
 * Drops all tables, recreates them with initial content and runs the update
 * process up to the given version.
 *
 * The result of Version::runUpdateProcess() is not evaluated here.
 *
 * @param PDO    $pdo      open database connection
 * @param Basedb $basedb   helper that drops and creates the tables
 * @param string $version  target version; the restore methods pass the version
 *                         read from the uploaded backup
 */
private function createTablesAndUpdateUntilVersion($pdo, $basedb, $version) {
    $basedb->dropTables($pdo);

    // Read the time zone only after the tables are gone, as before.
    $timezone = DbUtils::getTimeZone();
    $basedb->createAndIntializeTables($pdo, '.', 0, 'Euro', $timezone);

    Version::runUpdateProcess($pdo, TAB_PREFIX, MYSQL_DB, $version, false);
}
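/**
 * Restores the database from an uploaded JSON backup.
 *
 * The file content is untrusted. Table and column names taken from it end up in
 * SQL text, so they are checked against a plain identifier pattern; values are
 * always bound as parameters.
 *
 * Prints a JSON status object (through completeImportProcess() on success) and
 * ends the script on validation errors.
 *
 * @param PDO $pdo open database connection
 */
private function restoreFromJson($pdo) {
    $binaryFields = array("signature", "img", "setting", "content");
    // Names are interpolated unquoted into DELETE/INSERT statements below.
    $identifierPattern = '/^[A-Za-z0-9_]+$/';

    $content = file_get_contents($_FILES['userfile']['tmp_name']);
    $basedb = new Basedb();
    $basedb->setPrefix(TAB_PREFIX);
    $basedb->setTimeZone(DbUtils::getTimeZone());

    $dbContent = json_decode($content, true);
    if (!is_array($dbContent)) {
        echo json_encode(array("status" => "ERROR", "msg" => "Backup-Datei enthält kein gültiges JSON."));
        exit();
    }

    $context = $this->getContextOfImportedJsonFile($dbContent);
    $bakVersion = $context[0];
    $tableKey = $context[1];
    $fieldKey = $context[2];
    $contentKey = $context[3];
    $valueKey = $context[4];

    if ((CommonUtils::startsWith($bakVersion, "1.0")) || (CommonUtils::startsWith($bakVersion, "1.1")) || (CommonUtils::startsWith($bakVersion, "1.2"))) {
        echo json_encode(array("status" => "ERROR", "msg" => "Backup hat eine zu frühe Version zum Import ($bakVersion)."));
        exit();
    }

    // Check every table entry before the existing tables are dropped.
    foreach ($dbContent as $table) {
        $entryIsValid = is_array($table)
            && isset($table[$tableKey]) && is_string($table[$tableKey])
            && (preg_match($identifierPattern, $table[$tableKey]) === 1)
            && isset($table[$contentKey]) && is_array($table[$contentKey]);
        if (!$entryIsValid) {
            echo json_encode(array("status" => "ERROR", "msg" => "Backup-Datei enthält ungültige Tabellennamen."));
            exit();
        }
    }

    $pdo->beginTransaction();
    $this->createTablesAndUpdateUntilVersion($pdo, $basedb, $bakVersion);

    $typeIsOnlyConfig = true;
    self::doSql($pdo, "SET foreign_key_checks = 0;", null);

    foreach ($dbContent as $table) {
        $tablename = "%" . $table[$tableKey] . "%";
        $sql = "DELETE FROM $tablename";
        CommonUtils::execSql($pdo, $sql, null);
        $tablecontent = $table[$contentKey];

        if ($table[$tableKey] == "queue") {
            $typeIsOnlyConfig = false;
        }

        if ($table[$tableKey] == "bill") {
            $sql = "SET FOREIGN_KEY_CHECKS = 0";
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
            $stmt->execute();
        }

        foreach ($tablecontent as $row) {
            $cols = array();
            $vals = array();
            $quests = array();
            $rowIsUsable = is_array($row);
            if ($rowIsUsable) {
                foreach ($row as $field) {
                    $fieldIsValid = is_array($field)
                        && isset($field[$fieldKey]) && is_string($field[$fieldKey])
                        && (preg_match($identifierPattern, $field[$fieldKey]) === 1)
                        && array_key_exists($valueKey, $field);
                    if (!$fieldIsValid) {
                        $rowIsUsable = false;
                        break;
                    }
                    $fieldname = $field[$fieldKey];
                    $cols[] = $fieldname;
                    if (in_array($fieldname, $binaryFields)) {
                        $vals[] = base64_decode($field[$valueKey]);
                    } else {
                        $vals[] = $field[$valueKey];
                    }
                    $quests[] = '?';
                }
            }
            if (!$rowIsUsable) {
                // Same outcome as a failing INSERT below: the row is left out.
                continue;
            }

            $colstr = implode(",", $cols);
            $queststr = implode(",", $quests);
            $sql = "INSERT INTO $tablename ($colstr) VALUES ($queststr)";
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));

            try {
                $stmt->execute($vals);
            } catch (Exception $e) {
                // Best effort: a row that cannot be inserted is skipped without a report.
                $errorMsg = $e->getMessage();
            }
        }

        if ($table[$tableKey] == "bill") {
            $sql = "SET FOREIGN_KEY_CHECKS = 1";
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
            $stmt->execute();
        }
    }

    if (!$typeIsOnlyConfig) {
        HistFiller::insertRestoreHistEntry($pdo);
    }
    self::doSql($pdo, "SET foreign_key_checks = 1;", null);
    $basedb->signLastBillid($pdo);
    $pdo->commit();
    $this->completeImportProcess($pdo);
}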
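/**
 * Restores the database from an uploaded zip backup.
 *
 * The archive is expected to hold one JSON file per table, named like the table,
 * plus an entry "version". Entry names are untrusted: they become file paths below
 * the temp directory and table names in SQL text, so every name has to match a
 * plain identifier pattern before anything is extracted. Column names are checked
 * the same way; values are always bound as parameters.
 *
 * Prints a JSON status object (through completeImportProcess() on success) and
 * ends the script on validation errors.
 *
 * @param PDO $pdo open database connection
 */
private function restoreFromZip($pdo) {
    $tmpdir = CommonUtils::getConfigValue($pdo, 'tmpdir', '');
    if ($tmpdir == '') {
        echo json_encode(array("status" => "ERROR", "msg" => "Zip-Files können nur importiert werden, wenn ein PHP Temp. Directory konfiguriert ist."));
        exit();
    }

    $identifierPattern = '/^[A-Za-z0-9_]+$/';

    $zip = new ZipArchive;
    $zipFile = $_FILES['userfile']['tmp_name'];
    $jsonFiles = array();
    // open() returns true or an integer error code; a loose == TRUE would also
    // accept the error codes.
    if ($zip->open($zipFile) !== true) {
        echo json_encode(array("status" => "ERROR", "msg" => "Hochgeladenes Zip-File kann nicht geöffnet werden."));
        exit();
    }
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $jsonFiles[] = $zip->getNameIndex($i);
    }
    foreach ($jsonFiles as $entryName) {
        // Rejects path separators, "..", and anything else that is not a bare name.
        if (!is_string($entryName) || (preg_match($identifierPattern, $entryName) !== 1)) {
            $zip->close();
            echo json_encode(array("status" => "ERROR", "msg" => "Zip-File enthält unerwartete Einträge."));
            exit();
        }
    }
    if (!in_array("version", $jsonFiles, true)) {
        $zip->close();
        echo json_encode(array("status" => "ERROR", "msg" => "Zip-File enthält keine Versionsinformation."));
        exit();
    }
    $zip->extractTo($tmpdir, $jsonFiles);
    $zip->close();

    $binaryFields = array("signature", "img", "setting", "content");
    $basedb = new Basedb();
    $basedb->setPrefix(TAB_PREFIX);
    $basedb->setTimeZone(DbUtils::getTimeZone());

    $bakVersion = file_get_contents($tmpdir . "/version");

    if ((CommonUtils::startsWith($bakVersion, "1.0")) || (CommonUtils::startsWith($bakVersion, "1.1")) || (CommonUtils::startsWith($bakVersion, "1.2"))) {
        // Do not leave the extracted table dumps in the temp directory.
        foreach ($jsonFiles as $table) {
            unlink($tmpdir . "/" . $table);
        }
        echo json_encode(array("status" => "ERROR", "msg" => "Backup hat eine zu frühe Version zum Import ($bakVersion)."));
        exit();
    }

    $pdo->beginTransaction();
    $this->createTablesAndUpdateUntilVersion($pdo, $basedb, $bakVersion);

    $typeIsOnlyConfig = true;
    self::doSql($pdo, "SET foreign_key_checks = 0;", null);

    foreach ($jsonFiles as $table) {
        if ($table == "version") {
            continue;
        }
        $tablename = "%" . $table . "%";
        $sql = "DELETE FROM $tablename";
        CommonUtils::execSql($pdo, $sql, null);

        $tablecontent = json_decode(file_get_contents($tmpdir . "/" . $table), true);
        if (!is_array($tablecontent)) {
            // Unreadable or invalid JSON: nothing to insert for this table.
            $tablecontent = array();
        }

        if ($table == "queue") {
            $typeIsOnlyConfig = false;
        }
        if ($table == "bill") {
            $sql = "SET FOREIGN_KEY_CHECKS = 0";
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
            $stmt->execute();
        }

        foreach ($tablecontent as $row) {
            $cols = array();
            $vals = array();
            $quests = array();
            $rowIsUsable = is_array($row);
            if ($rowIsUsable) {
                foreach ($row as $field) {
                    $fieldIsValid = is_array($field)
                        && isset($field['f']) && is_string($field['f'])
                        && (preg_match($identifierPattern, $field['f']) === 1)
                        && array_key_exists('v', $field);
                    if (!$fieldIsValid) {
                        $rowIsUsable = false;
                        break;
                    }
                    $fieldname = $field['f'];
                    $cols[] = $fieldname;
                    if (in_array($fieldname, $binaryFields)) {
                        $vals[] = base64_decode($field['v']);
                    } else {
                        $vals[] = $field['v'];
                    }
                    $quests[] = '?';
                }
            }
            if (!$rowIsUsable) {
                // Same outcome as a failing INSERT below: the row is left out.
                continue;
            }

            $colstr = implode(",", $cols);
            $queststr = implode(",", $quests);
            $sql = "INSERT INTO $tablename ($colstr) VALUES ($queststr)";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            try {
                $stmt->execute($vals);
            } catch (Exception $e) {
                // Best effort: a row that cannot be inserted is skipped without a report.
                $errorMsg = $e->getMessage();
            }
        }

        if ($table == "bill") {
            $sql = "SET FOREIGN_KEY_CHECKS = 1";
            $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
            $stmt->execute();
        }
    }

    foreach ($jsonFiles as $table) {
        unlink($tmpdir . "/" . $table);
    }

    if (!$typeIsOnlyConfig) {
        HistFiller::insertRestoreHistEntry($pdo);
    }
    self::doSql($pdo, "SET foreign_key_checks = 1;", null);
    $basedb->signLastBillid($pdo);
    $pdo->commit();
    $this->completeImportProcess($pdo);
}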
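/**
 * Starts a shutdown of the host and prints a JSON status object.
 *
 * On Windows the shutdown command is started in the background; on other systems
 * the file shutdown.bat in the working directory is fed to sh. Both commands are
 * fixed strings, no request data is passed to the shell.
 */
private function shutdown() {
    try {
        if (substr(php_uname(), 0, 7) == "Windows") {
            // The command was formerly assigned to a misspelled variable, so only
            // "start /B " without a command was executed.
            $cmd = "shutdown /s /t 10";
            pclose(popen("start /B " . $cmd, "r"));
        } else {
            // The mode must be an octal integer: the string "700" is read as
            // decimal 700 and produces different permission bits than rwx------.
            chmod("shutdown.bat", 0700);
            $cmd = "sh < shutdown.bat";
            exec($cmd . " > /dev/null &");
        }
        echo json_encode(array("status" => "OK"));
    } catch (Exception $e) {
        echo json_encode(array("status" => "ERROR", "code" => ERROR_SCRIPT_NOT_EXECUTABLE, "msg" => ERROR_SCRIPT_NOT_EXECUTABLE_MSG));
    }
}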
/**
 * Runs OPTIMIZE TABLE on a fixed set of tables.
 *
 * @param PDO $pdo open database connection
 * @return array status "OK", or status "ERROR" with code and message when a
 *               statement throws
 */
public static function optimizeCore($pdo) {
    set_time_limit(60 * 20);

    // Order as in the statement list this loop replaces.
    $aliases = array("queue", "billproducts", "products", "prodimages", "extrasprods", "queueextras", "log", "roles");

    try {
        foreach ($aliases as $alias) {
            self::doSql($pdo, "OPTIMIZE TABLE %" . $alias . "%", null);
        }
    } catch (Exception $ex) {
        return array("status" => "ERROR", "code" => ERROR_COMMAND_ERROR, "msg" => ERROR_COMMAND_ERROR_MSG);
    }

    return array("status" => "OK");
}
/**
 * Opens a database connection, optimizes the tables and prints the result as JSON.
 */
private function optimize() {
    $connection = DButils::openDbAndReturnPdoStatic();
    echo json_encode(self::optimizeCore($connection));
}
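/**
 * Looks up the name of the foreign key constraint from one table to another.
 *
 * @param PDO         $pdo        open database connection
 * @param string      $fromtable  alias of the referencing table (without % markers)
 * @param string      $totable    alias of the referenced table (without % markers)
 * @param string      $dbname     schema to search in
 * @param string|null $default    returned when there is not exactly one match or
 *                                the query throws
 * @return string|null constraint name or $default
 */
private static function getForeignKeyName($pdo, $fromtable, $totable, $dbname, $default = null) {
    try {
        // The table aliases stay in the SQL text so that substTableAlias() resolves
        // them as before; callers in this file pass fixed names. The schema name is
        // bound as a parameter.
        $sql = "SELECT constraint_name as foreignkey FROM information_schema.REFERENTIAL_CONSTRAINTS WHERE constraint_schema = ? AND table_name = '%$fromtable%' AND REFERENCED_TABLE_NAME='%$totable%'";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($dbname));
        $result = $stmt->fetchAll();
        if (count($result) != 1) {
            return $default;
        }
        return $result[0]["foreignkey"];
    } catch (Exception $e) {
        return $default;
    }
}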
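/**
 * Clears transactional, history and guest data, reloads the menu and recreates
 * the id columns of the bill and closing tables. Prints a JSON status object.
 *
 * The statements are not wrapped in a transaction; a failure part way through
 * leaves the deletions done so far in place.
 */
private function golive() {
    set_time_limit(60 * 10);
    $pdo = DButils::openDbAndReturnPdoStatic();

    try {
        $billprodref_fk = self::getForeignKeyName($pdo, 'billproducts', 'bill', MYSQL_DB);
        $queuebillref_fk = self::getForeignKeyName($pdo, 'queue', 'bill', MYSQL_DB);
        $billclosingref_fk = self::getForeignKeyName($pdo, 'bill', 'closing', MYSQL_DB);
        $billbillref_fk = self::getForeignKeyName($pdo, 'bill', 'bill', MYSQL_DB);
        $cuslogbillref_fk = self::getForeignKeyName($pdo, 'customerlog', 'bill', MYSQL_DB);
    } catch (Exception $ex) {
        // Report the caught exception (the message formerly referenced an undefined
        // variable) and stop before any data is deleted. Only the message is sent:
        // the string form of an exception includes file paths and a stack trace.
        echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_ERROR, "msg" => ERROR_COMMAND_ERROR_MSG . " - impossible to get foreign keys: " . $ex->getMessage()));
        return;
    }
    // NOTE(review): getForeignKeyName() returns null when a constraint is not found;
    // the ALTER statements below are then built with an empty constraint name.

    try {
        $firstDeletes = array("customerlog", "times", "recordsqueue", "records", "hist", "histprod", "histconfig", "histuser");
        foreach ($firstDeletes as $alias) {
            self::doSql($pdo, "DELETE FROM %" . $alias . "%", null);
        }

        HistFiller::readUserTableAndSendToHist($pdo);

        // The current menu is exported first and written back after the product
        // related tables were emptied.
        $products = new Products();
        $menu = $products->getSpeisekarte($pdo);
        if ($menu['status'] != "OK") {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_ERROR, "msg" => ERROR_COMMAND_ERROR_MSG));
            return;
        }

        self::doSql($pdo, "SET foreign_key_checks = 0;", null);
        $orderDeletes = array("queueextras", "extrasprods", "extras", "billproducts", "queue", "printjobs", "bill", "ratings", "closing");
        foreach ($orderDeletes as $alias) {
            self::doSql($pdo, "DELETE FROM %" . $alias . "%", null);
        }
        self::doSql($pdo, "SET foreign_key_checks = 1;", null);

        $ret = $this->fillSpeisekarteCore($pdo, $menu['msg']);

        self::doSql($pdo, "DELETE FROM %products% WHERE removed is not null", null);
        self::doSql($pdo, "SET foreign_key_checks = 0;", null);
        self::doSql($pdo, "DELETE FROM %prodtype% WHERE removed is not null", null);
        self::doSql($pdo, "SET foreign_key_checks = 1;", null);

        if ($ret["status"] != "OK") {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_ERROR, "msg" => ERROR_COMMAND_ERROR_MSG));
            return;
        }

        HistFiller::readAllProdsAndFillHistByDb($pdo);
        self::doSql($pdo, "DELETE w FROM %histprod% w INNER JOIN %hist% e ON refid=w.id WHERE action='4'", null);
        self::doSql($pdo, "DELETE FROM %hist% where action='4'", null);

        // Recreate bill.id: the foreign keys that reference it are dropped, the
        // column is rebuilt, then the keys are added again.
        $billIdStatements = array(
            "alter table %bill% drop foreign key $billbillref_fk",
            "alter table %customerlog% drop foreign key $cuslogbillref_fk",
            "alter table %billproducts% drop foreign key $billprodref_fk",
            "alter table %queue% drop foreign key $queuebillref_fk",
            "ALTER TABLE %bill% DROP id",
            "ALTER TABLE %bill% ADD id INT (10) NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST",
            "ALTER TABLE %bill% ADD CONSTRAINT $billbillref_fk FOREIGN KEY (ref) REFERENCES %bill%(id)",
            "ALTER TABLE %customerlog% ADD CONSTRAINT $cuslogbillref_fk FOREIGN KEY (billid) REFERENCES %bill%(id)",
            "ALTER TABLE %billproducts% ADD CONSTRAINT $billprodref_fk FOREIGN KEY (billid) REFERENCES %bill%(id)",
            "ALTER TABLE %queue% ADD CONSTRAINT $queuebillref_fk FOREIGN KEY (billid) REFERENCES %bill%(id)"
        );
        // Same procedure for closing.id and the key from bill to closing.
        $closingIdStatements = array(
            "alter table %bill% drop foreign key $billclosingref_fk",
            "ALTER TABLE %closing% DROP id",
            "ALTER TABLE %closing% ADD id INT (10) NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST",
            "ALTER TABLE %bill% ADD CONSTRAINT $billclosingref_fk FOREIGN KEY (closingid) REFERENCES %closing%(id)"
        );
        foreach (array_merge($billIdStatements, $closingIdStatements) as $statement) {
            self::doSql($pdo, $statement, null);
        }

        $basedb = new Basedb();
        $basedb->setPrefix(TAB_PREFIX);
        $basedb->setTimeZone(DbUtils::getTimeZone());
        $basedb->signLastBillid($pdo);

        $histFiller = new HistFiller();
        $histFiller->readConfigTableAndSendToHist();

        self::doSql($pdo, "DELETE FROM %resttables% WHERE removed is not null", null);
        self::doSql($pdo, "DELETE FROM %room% WHERE removed is not null", null);

        $guestDeletes = array("reservations", "groupcustomer", "vacations", "groups", "customers");
        foreach ($guestDeletes as $alias) {
            self::doSql($pdo, "DELETE FROM %" . $alias . "%", null);
        }

        Workreceipts::resetWorkReceiptId($pdo);

        echo json_encode(array("status" => "OK"));
    } catch (Exception $e) {
        // Only the message is returned to the client, not the stack trace.
        echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_ERROR, "msg" => ERROR_COMMAND_ERROR_MSG . " - Error message: " . $e->getMessage()));
    }
}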
/**
 * Prepares and executes one SQL statement after resolving the %table% aliases.
 *
 * @param PDO        $pdo     open database connection
 * @param string     $sql     statement text with %alias% table markers
 * @param array|null $params  values for the placeholders, or null for none
 */
private static function doSql($pdo, $sql, $params) {
    $statement = $pdo->prepare(DbUtils::substTableAlias($sql));
    if (!is_null($params)) {
        $statement->execute($params);
        return;
    }
    $statement->execute();
}
}