ordersprinter/webapp/php/bill.php

<?php
// Datenbank-Verbindungsparameter
require_once ('dbutils.php');
require_once ('commonutils.php');
require_once ('admin.php');
require_once ('reports.php');
require_once ('utilities/pdfexport.php');
require_once ('3rdparty/phpexcel/classes/PHPExcel.php');

define('FPDF_FONTPATH','3rdparty/fpdf/font/');

define ('DO_EXCEL',1);
define ('DO_CSV',2);

class Bill {
	var $dbutils;
	var $t;

	private $P_SUM = array("Summe:","Sum:","Todo:");
	private $P_TOTAL = array("Total","Total","Total");
	private $P_MWST = array("MwSt","Tax","IVA");
	private $P_NETTO = array("Netto","Net","Neto");
	private $P_BRUTTO = array("Brutto","Gross","Bruto");
	private $P_ID = array("Id:","Id:","Id:");
	private $P_TABLE = array("Tisch:","Table:","Mesa:");
	private $P_WAITER = array("Es bediente Sie:", "Waiter:", "Camarero:");
	private $P_NO = array("Anz.", "No.", "Nú.");
	private $P_DESCR = array("Beschreibung","Description","Descripción");
	private $P_PRICE = array("Preis","Price","Precio");
	
	private static $daynamesStartSunday = array(
		array("Sonntag","Sunday","Domingo"),
		array("Montag","Monday","Lunes"),
		array("Dienstag","Tuesday","Martes"),
		array("Mittwoch","Wednesday","Miércoles"),
		array("Donnerstag","Thursday","Jueves"),
		array("Freitag","Friday","Viernes"),
		array("Samstag","Saturday","Sábado")	
	);
	
	function __construct() {
		$this->dbutils = new DbUtils();
		require_once 'translations.php';
	}
	
	function handleCommand($command) {
		$cmdsThatNeedAdminOrManagerRights = array('exportCsv','exportAllCsv','exportAllExcel','exportXlsx','exportPdfReport','exportPdfReportClosPeriod',
		    'exportPdfSummary','exportPdfSummaryClosPeriod');
		if (in_array($command, $cmdsThatNeedAdminOrManagerRights)) {
			if (!$this->hasCurrentUserAdminOrManagerRights()) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_AUTHOTRIZED, "msg" => ERROR_BILL_NOT_AUTHOTRIZED_MSG));
				return;
			}
		}
		
		if ($command == 'exportCsv') {
			$this->exportCsv($_GET['startMonth'],$_GET['startYear'],$_GET['endMonth'],$_GET['endYear'],DO_CSV);
			return;
		}
		if ($command == 'exportAllCsv') {
			$this->exportAllCsvOrExcel($_GET['startMonth'],$_GET['startYear'],$_GET['endMonth'],$_GET['endYear'],DO_CSV);
			return;
		}
		if ($command == 'exportAllExcel') {
			$this->exportAllCsvOrExcel($_GET['startMonth'],$_GET['startYear'],$_GET['endMonth'],$_GET['endYear'],DO_EXCEL);	
			return;
		}
		if ($command == 'exportXlsx') {
			$this->exportCsv($_GET['startMonth'],$_GET['startYear'],$_GET['endMonth'],$_GET['endYear'],DO_EXCEL);
			return;
		}
		if ($command == 'exportPdfReport') {
			$this->exportPdfReport($_GET['startMonth'],$_GET['startYear'],$_GET['endMonth'],$_GET['endYear'],null,null);
			return;
		}
		if ($command == 'exportPdfReportClosPeriod') {
			$this->exportPdfReport(0,0,0,0,$_GET['closidstart'],$_GET['closidend']);
			return;
		}
		if ($command == 'exportPdfSummary') {
			$this->exportPdfSummary($_GET['startMonth'],$_GET['startYear'],$_GET['endMonth'],$_GET['endYear']);
			return;
		}
		
		if ($command == 'exportPdfSummaryClosPeriod') {
			$this->exportPdfSummaryClosPeriod($_GET['closidstart'],$_GET['closidend']);
			return;
		}
		if ($command == 'autoBackupPdfSummary') {
			$this->autoBackupPdfSummary($_POST['remoteaccesscode']);
			return;
		}
		
		if ($command == 'exportCsvOfClosing') {
			if ($this->hasCurrentUserAdminOrManagerRights()) {
				$this->exportCsvOfClosing($_GET['closingid'],DO_CSV);
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_MANAGER_NOT_AUTHOTRIZED, "msg" => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
			}
			return;
		}
		if ($command == 'exportXlsxOfClosing') {
			if ($this->hasCurrentUserAdminOrManagerRights()) {
				$this->exportCsvOfClosing($_GET['closingid'],DO_EXCEL);
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_MANAGER_NOT_AUTHOTRIZED, "msg" => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
			}
			return;
		}
		if ($command == 'doCashAction') {
			if ($this->hasCurrentUserPaydeskRights()) {
			    $remark = "";
			    if(isset($_POST["remark"])) {
				    $remark = $_POST['remark'];
			    }
			    $this->doCashAction($_POST['money'],$remark);
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_PAYDESK_NOT_AUTHOTRIZED, "msg" => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG));
			}
			return;
		} else if ($command == 'getCashOverviewOfUser') {
			if ($this->hasCurrentUserPaydeskRights()) {
				$this->getCashOverviewOfUser();
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_PAYDESK_NOT_AUTHOTRIZED, "msg" => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG));	
			}
			return;
		}
		
		if ($command == 'changeBillHost') {
			if ($this->hasCurrentUserPaydeskRights()) {
				$pdo = DbUtils::openDbAndReturnPdoStatic();
				$this->changeBillHost($pdo,$_POST['billid'],$_POST['isNowHost']);
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_PAYDESK_NOT_AUTHOTRIZED, "msg" => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG));
			}
			return;
		}
		if ($command == 'initaustriareceipt') {
			if ($this->hasCurrentUserAdminOrManagerRights()) {
				$pdo = DbUtils::openDbAndReturnPdoStatic();
				$status = $this->initaustriareceipt($pdo);
				echo json_encode($status);
				return;
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_MANAGER_NOT_AUTHOTRIZED, "msg" => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
			}
			return;
		}
		
		if ($command == 'initCardPayment') {
			if ($this->hasCurrentUserPaydeskRights()) {
				$pdo = DbUtils::openDbAndReturnPdoStatic();
				$retVal = $this->initCardPayment($pdo,$_POST['billid']);
				echo json_encode($retVal);
				return;
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_PAYDESK_NOT_AUTHOTRIZED, "msg" => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG));
				return false;
			}
			return;
		}
		
		if ($command == 'cancelCardPayment') {
			$pdo = DbUtils::openDbAndReturnPdoStatic();
			$retVal = $this->cancelCardPayment($pdo,$_POST['billid'],$_POST['randvalue']);
			echo json_encode($retVal);
			return;
		}
		
		if ($this->hasCurrentUserBillRights()) {
			if ($command == 'getLastBillsWithContent') {
				$this->getLastBillsWithContent($_GET['day'],$_GET['month'],$_GET['year']);
				return;
			} else if ($command == 'cancelBill') {
				$pdo = DbUtils::openDbAndReturnPdoStatic();
				$this->cancelBill($pdo,$_POST['billid'],$_POST['stornocode'],$_POST['reason'],true,true,true,$_POST['removeproducts']);
				return;
			}
		} else {
			echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_AUTHOTRIZED, "msg" => ERROR_BILL_NOT_AUTHOTRIZED_MSG));
		}
	}

	private function hasCurrentUserBillRights() {
		session_start();
		if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
			return false;
		} else {
			return ($_SESSION['right_bill']);
		}
	}
	
	private function hasCurrentUserPaydeskRights() {
		session_start();
		if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
			return false;
		} else {
			return ($_SESSION['right_paydesk']);
		}
	}
	
	private function hasCurrentUserAdminOrManagerRights() {
		session_start();
		if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
			return false;
		} else {
			return ($_SESSION['right_manager'] || $_SESSION['is_admin']);
		}
	}
	
	public function initCardPayment($pdo,$billid) {
		$randval = md5(rand(0,  getrandmax()));
		$sql = "INSERT INTO %work% (item,value,signature) VALUES(?,?,?)";
		CommonUtils::execSql($pdo, $sql, array("sumuphash",$billid,$randval));
		return array("status" => "OK","msg" => $randval);
	}
	
	public function cancelCardPayment($pdo,$billid,$randVal) {
		$sql = "SELECT count(id) as countid FROM %work% WHERE item=? AND value=? AND signature=?";
		$result = CommonUtils::fetchSqlAll($pdo, $sql, array("sumuphash",$billid,$randVal));
		$countid = $result[0]["countid"];
		if ($countid != 1) {
			return array("status" => "ERROR","msg" => "Keine Authorisierung zum Stornieren der Rechnung");
		} else {
			
			$failuretext = CommonUtils::getConfigValue($pdo, "sumupfailuretext", "");
			$ok = $this->cancelBill($pdo, $billid, '', $failuretext, true, false, false, 0);
			
			if ($ok) {
				$sql = "DELETE FROM %work% WHERE item=? AND value=? AND signature=?";
				CommonUtils::execSql($pdo, $sql, array("sumuphash",$billid,$randVal));
				return array("status" => "OK");
			} else {
				return array("status" => "ERROR","msg" => "Stornierung fehlgeschlagen");
			}
		}
	}
	
	
	function billIsCancelled($pdo,$billid) {
		$sql = "SELECT status FROM %bill% WHERE id=?";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($billid));
		$row = $stmt->fetchObject();
		$status = $row->status;
		$ret = false;
		if (($status == "x") || ($status == "s")) {
			$ret = true;
		}
		return $ret;
	}
	
	private function createBillOverallInfo($billid,$thetimedate,$tablename,$brutto,$netto,$username,$printer,$host) {
		$thetimedate_arr = explode ( ' ', $thetimedate );
		$thedate = $thetimedate_arr[0];
		$datearr = explode ( '-', $thedate );
		$day = sprintf("%02s", $datearr[2]);
		$month = sprintf("%02s", $datearr[1]);
		$year = sprintf("%04s", $datearr[0]);
		$thetime = $thetimedate_arr[1];
		$thetimearr = explode ( ':', $thetime );
		$hour = $thetimearr[0];
		$min = $thetimearr[1];
		$thetimedate = "$day.$month.$year $hour:$min";

		$billoverallinfo = array(
				"id" => $billid,
				"billdate" => $thetimedate,
				"billday" => $day,
				"billmonth" => $month,
				"billyear" => $year,
				"billhour" => $hour,
				"billmin" => $min,
				"brutto" => $brutto,
				"netto" => $netto,
				"table" => $tablename,
				"username" => $username,
				"printer" => $printer,
				"host" => $host
		);
		return $billoverallinfo;
	}
	
	private function createBillTranslations($language) {
		$billtranslations = array(
					"sum" => $this->P_SUM[$language],
					"total" => $this->P_TOTAL[$language],
					"mwst" => $this->P_MWST[$language],
					"netto" => $this->P_NETTO[$language],
					"brutto" => $this->P_BRUTTO[$language],
					"id" => $this->P_ID[$language],
					"table" => $this->P_TABLE[$language],
					"waiter" => $this->P_WAITER[$language],
					"no" => $this->P_NO[$language],
					"descr" => $this->P_DESCR[$language],
					"price" => $this->P_PRICE[$language]
			);
		return $billtranslations;
	}
	
	/**
	 * get the content of a bill (to be used for printserver etc.)
	 * 
	 * @param unknown $billid
	 */
	function getBillWithId($pdo,$billid,$language,$printer,$includeGuestInfo = false,$includePayment = false) {
		set_time_limit(120);

		$commonUtils = new CommonUtils();
		$correct = $commonUtils->verifyBill($pdo, $billid);
		if (!$correct) {
			echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
			return;
		}
		
		
		$sql = "SELECT tableid,status FROM %bill% WHERE id=?";
		$row = CommonUtils::getRowSqlObject($pdo, $sql,array($billid));
		if ($row->status == 'c') {
			return $this->getCashBill($pdo,$billid,$language,$printer);
		}

		$sql = "SELECT count(id) as countid FROM %queue% WHERE billid=?";
		$qrow = CommonUtils::getRowSqlObject($pdo, $sql, array($billid));
		
		$tableid = $row->tableid;
		if ($qrow->countid == 0) {
			if ($tableid == 0) {
				$sql = "SELECT DISTINCT billdate,brutto,ROUND(netto,2) as netto,'-' as tablename,username,host,IFNULL(%bill%.status,'') as status,guestinfo,paymentid,printextras FROM %bill%,%user% WHERE %bill%.id=? AND userid=%user%.id AND tableid='0' ";
			} else {
				$sql = "SELECT DISTINCT billdate,brutto,ROUND(netto,2) as netto,tableno as tablename,username,host,IFNULL(%bill%.status,'') as status,guestinfo,paymentid,printextras FROM %bill%,%user%,%resttables% WHERE %bill%.id=? AND userid=%user%.id AND tableid=%resttables%.id ";
			}
		} else {
			if ($tableid == 0) {
				$sql = "SELECT DISTINCT billdate,brutto,ROUND(netto,2) as netto,'-' as tablename,username,host,IFNULL(%bill%.status,'') as status,guestinfo,paymentid,printextras FROM %bill%,%user%,%queue% WHERE %bill%.id=? AND %bill%.id=%queue%.billid AND userid=%user%.id AND tableid='0' AND paidtime is not null ";
			} else {
				$sql = "SELECT DISTINCT billdate,brutto,ROUND(netto,2) as netto,tableno as tablename,username,host,IFNULL(%bill%.status,'') as status,guestinfo,paymentid,printextras FROM %bill%,%user%,%resttables%,%queue% WHERE %bill%.id=? AND %bill%.id=%queue%.billid AND userid=%user%.id AND tableid=%resttables%.id AND paidtime is not null ";
			}
		}
		$row = CommonUtils::getRowSqlObject($pdo, $sql, array($billid));
		
		$status = $row->status;
		$sign = ($status == "s" ? "-" : "");
		
		if ($tableid != 0) {
			$sql = "SELECT abbreviation FROM %room%,%resttables% WHERE %resttables%.id=? AND %resttables%.roomid=%room%.id";
			$trow = CommonUtils::getRowSqlObject($pdo, $sql, array($tableid));
			if (is_null($trow->abbreviation) || ($trow->abbreviation == '')) {
				$tablename = $row->tablename;
			} else {
				$tablename = $trow->abbreviation . "-" . $row->tablename;
			}
		} else {
			$tablename = "-";
		}
		
		if ($row == null) {
			echo json_encode(array("billoverallinfo" => array()));
			return;
		} else {
			if (is_null($row->host)) {
				$host = 0; // default
			} else {
				$host = $row->host;
			}
			$thetimedate = $row->billdate;
			$printextrasOfReceipt = $row->printextras;
			$printExtras = false;
			if ($printextrasOfReceipt == 1) {
				$printExtras = true;
			}
			
			$billoverallinfo = $this->createBillOverallInfo($billid,$thetimedate,$tablename,$row->brutto,$row->netto,$row->username,$printer,$host);

			if ($includeGuestInfo) {
				if (is_null($row->guestinfo)) {
					$billoverallinfo["guestinfo"] = '';
				} else {
					$billoverallinfo["guestinfo"] = $row->guestinfo;
				}
			}
			
			if ($includePayment) {
				$col = "name";
				if ($language == 1) {
					$col = "name_en";
				} else if ($language == 2) {
					$col = "name_esp";
				}
				$paymentid = $row->paymentid;
				$sql = "SELECT $col FROM %payment% as name WHERE id=?";
				$paymentname = CommonUtils::getRowSqlObject($pdo, $sql, array($paymentid));
				$billoverallinfo["payment"] = $paymentname->name;
			}

			$billtranslations = $this->createBillTranslations($language);
		}
		
		$unit = CommonUtils::caseOfSqlUnitSelection($pdo);
		$sql = "select CONCAT($unit,productname) as productname,price,%pricelevel%.name as pricelevelname,togo,count(Q.productname) as count,%prodtype%.kind as kind ";
		$sql .= " FROM %queue% Q,%pricelevel%,%billproducts%,%prodtype%,%products% where %billproducts%.billid=? AND %billproducts%.queueid=Q.id ";
		$sql .= " AND Q.pricelevel = %pricelevel%.id AND Q.productid = %products%.id AND %products%.category = %prodtype%.id ";
		$sql .= " GROUP BY kind, CONCAT($unit,productname),price,pricelevelname,togo";

		if ($printExtras) {
			$sql = "SELECT 
				CONCAT($unit,productname) as productname,
				price,
				PL.name as pricelevelname,
				togo,
				count(Q.productname) as count,
				PT.kind as kind,
				(
				    SELECT GROUP_CONCAT(extraid ORDER BY extraid)
				    FROM
					%queueextras% QE
				    WHERE
					Q.id=QE.queueid
				) as concatstr
			     FROM
				%queue% Q,
				%pricelevel% PL,
				%billproducts% BP,
				%prodtype% PT,
				%products% P
			     WHERE
			       BP.billid=? AND 
			       BP.queueid=Q.id AND 
			       Q.pricelevel = PL.id AND 
			       Q.productid = P.id AND 
			       P.category = PT.id 
			     GROUP BY 
				kind,
				CONCAT($unit,productname),
				price,
				pricelevelname,
				togo,
				concatstr
			";
		
		};
		$result = CommonUtils::fetchSqlAll($pdo, $sql, array($billid));
	
		$prodarray = array();
		foreach($result as $zeile) {
			$productname = $zeile['productname'];
			if ($zeile["togo"] == 1) {
				$productname = "To-Go: " . $productname;
			}
			$prodarray[] = array("count" => $zeile['count'],
					"productname" => $productname,
					"pricelevel" => $zeile['pricelevelname'],
					"price" => $sign . $zeile['price']
			);
			if ($printExtras) {
				$extrasConcatStr = $zeile['concatstr'];
				if (!is_null($extrasConcatStr)) {
					$sql = "SELECT name FROM %extras% WHERE id IN ($extrasConcatStr)";
					$allExtras = CommonUtils::fetchSqlAll($pdo, $sql, null);
					foreach($allExtras as $anExtra) {
						$prodarray[] = array("count" => 0,
						    "productname" => ' + ' . $anExtra['name'],
						    "pricelevel" => $zeile['pricelevelname'],
						    "price" => 0
						    );
					}
				}
			}
		}

		
		$sql = "select tax,concat('$sign',round(sum(price) - sum(price / (1.0 + tax/100.0)),2)) as mwst, concat('$sign',round(sum(price / (1.0 + tax/100.0)),2)) as netto, concat('$sign',sum(price)) as brutto FROM %queue%,%billproducts% WHERE %billproducts%.billid=? AND %billproducts%.queueid=%queue%.id group by tax ORDER BY tax";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($billid));
		$result = $stmt->fetchAll(PDO::FETCH_OBJ);

		$out = array("billoverallinfo" => $billoverallinfo,"translations" => $billtranslations,"products" => $prodarray, "taxes" => $result);
		return $out;
	}

	private function getCashBill($pdo,$billid,$language,$printer) {
		$sql = "SELECT billdate,ROUND(brutto,2) as brutto,ROUND(netto,2) as netto,ROUND(tax,2) as tax,username,userid,reason FROM %bill% B, %user% U WHERE B.id=? AND B.userid=U.id";
		$result = CommonUtils::fetchSqlAll($pdo, $sql, array($billid));
		$r = $result[0];
		
		$brutto = $r["brutto"];
		$netto = $r["netto"];
		
		$billoverallinfo = $this->createBillOverallInfo($billid,$r["billdate"],' ',$brutto,$netto,$r["username"],$printer,0);
		$billoverallinfo["guestinfo"] = '';
		
		$billtranslations = $this->createBillTranslations($language);
		
		$prods = array();
		$prods[] = array(
		    "productname" => "Barein-/auslage",
		    "price" => $r["brutto"],
		    "pricelevel" => "A",
		    "count" => 1
		    );
		$reason = $r["reason"];
		if (!is_null($reason)) {
			$prods[] = array(
			    "productname" => "($reason)",
			    "price" => 0,
			    "pricelevel" => "A",
			    "count" => 0
			);
		}
		
		$taxes = array(
		    array("tax"=> "0.00","mwst" => "0.00", "netto" => $netto,"brutto" => $brutto)
		);
		
		$out = array("billoverallinfo" => $billoverallinfo,"translations" => $billtranslations,"products" => $prods, "taxes" => $taxes);
		return $out;
	}
	
	public function getAustriaTaxes($pdo,$billid) {
	    $sql = "select tax,IF(taxaustria is not null, taxaustria, 0) as taxaustria,concat('$sign',round(sum(price) - sum(price / (1.0 + tax/100.0)),2)) as mwst, concat('$sign',round(sum(price / (1.0 + tax/100.0)),2)) as netto, concat('$sign',sum(price)) as brutto FROM %queue%,%billproducts% WHERE %billproducts%.billid=? AND %billproducts%.queueid=%queue%.id group by tax ORDER BY taxaustria";
	    $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
	    $stmt->execute(array($billid));
	    $result = $stmt->fetchAll(PDO::FETCH_OBJ);
	    return $result;
	}
	
	/*
	 * insert or take out cash money. The direction done by sign of $money value
	 */
	private function doCashAction($money,$remark) {
		date_default_timezone_set(DbUtils::getTimeZone());
		$currentTime = date('Y-m-d H:i:s');

		$pdo = $this->dbutils->openDbAndReturnPdo();
		CommonUtils::log($pdo, "QUEUE", "Cash action with money '$money' at billtime '$currentTime'");
		$pdo->beginTransaction();
		
		$sql = "SELECT sum(brutto) as bruttosum FROM %bill% WHERE closingid is null AND paymentid='1'";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute();
		$row =$stmt->fetchObject();
		if ($row != null) {
			$sum = $row->bruttosum;
			if (is_null($sum)) {
				$sum = 0.0;
			}
			if (($sum + floatval($money)) >= 0.0) {
				
				$nextbillid = $this->testForNewBillIdAndUpdateWorkTable($pdo);
				if ($nextbillid < 0) {
					echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
					$pdo->rollBack();
				}
				
				$userId = $this->getUserId();
				$commonUtils = new CommonUtils();
				if (trim($money) == '') {
					$money = '0.00';
				}
				CommonUtils::log($pdo, "QUEUE", "Calc bill signature for cash money '$money' at billtime '$currentTime'");
				$signature = CommonUtils::calcSignatureForBill($currentTime, $money, $money, $userId);
				
				$sql = "INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tax`,`tableid`, `status`, `paymentid`,`userid`,`ref`,`reason`,`signature`) VALUES ( ?, ? , ?,?,?, ?, 'c', ?,?,?,?,?)";
				$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
				$stmt->execute(array($nextbillid,$currentTime,$money,$money,'0.00',-1,1,$userId,NULL,$remark,$signature));
				
				$lastId = $pdo->lastInsertId();
				$prevbrutto = 0;
				$prevnetto = 0;
				if ($lastId > 1) {
					$sql = "SELECT brutto,prevbrutto,netto,prevnetto FROM %bill% WHERE id=?";
					$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
					$stmt->execute(array($lastId-1));
					$row =$stmt->fetchObject();
				}
				$sql = "UPDATE %bill% SET prevbrutto=?,prevnetto=? WHERE id=?";
				$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
				$stmt->execute(array($row->brutto + $row->prevbrutto,$row->netto + $row->prevnetto,$lastId));
				
				$printcash = CommonUtils::getConfigValue($pdo, 'printcash', 0);
				if ($printcash == 1) {
					if(session_id() == '') {
						session_start();
					}
					$printer = $_SESSION['receiptprinter'];
					PrintQueue::internalQueueReceiptPrintjob($pdo, $nextbillid, $printer);
				}
				$pdo->commit();
				echo json_encode(array("status" => "OK"));
			} else {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_LESS_MONEY_TO_TAKE_OUT, "msg" => ERROR_BILL_LESS_MONEY_TO_TAKE_OUT_MSG));
			}
		} else {
			$pdo->rollBack();
			echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_PAYDESK_SUM, "msg" => ERROR_GENERAL_PAYDESK_SUM_MSG));
			return;
		}
	}
	
	/*
	 * User may ask what money he should have in his pocket by serving the guests. If the inserts and 
	 * take outs are in in his waiter paydesk then this value is of interest, too. Return both.
	 */
	function getCashOverviewOfUser() {
		$pdo = DbUtils::openDbAndReturnPdoStatic();
		$userId = $this->getUserId();
		
		if(session_id() == '') {
			session_start();
		}
		$lang = $_SESSION['language'];
		$paymentnameitem = "name";
		if ($lang == 1) {
			$paymentnameitem = "name_en";
		} else if ($lang == 2) {
			$paymentnameitem = "name_esp";
		}
		$cashPerPayments = array();
		for ($paymentid=1;$paymentid<=8;$paymentid++) {
			$sql = "SELECT $paymentnameitem as payname FROM %payment% WHERE id=?";
			$row = CommonUtils::getRowSqlObject($pdo, $sql, array($paymentid));
			$paymentname = $row->payname;
			
			$onlyCashByGuests = 0.0;
			$pdo = $this->dbutils->openDbAndReturnPdo();
			$sql = "SELECT sum(brutto) as sumtotal FROM %bill% WHERE closingid is null AND status is null AND paymentid=? AND userid=?";
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
			$stmt->execute(array($paymentid,$userId));
			$row =$stmt->fetchObject();
			if ($row != null) {
				if ($row->sumtotal != null) {
					$onlyCashByGuests = $row->sumtotal;
				}
			}
			if ($onlyCashByGuests != '0.00') {
				$cashPerPayments[] = array("payment" => $paymentname,"value" => $onlyCashByGuests);
			}
		}
		
		$cashByGuestsAndInsertTakeOut = 0.0;
		$sql = "SELECT sum(brutto) as sumtotal FROM %bill% WHERE closingid is null AND paymentid='1' AND userid='$userId' AND (status is null OR status ='c')";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute();
		$row =$stmt->fetchObject();
		if ($row != null) {
			if ($row->sumtotal != null) {
				$cashByGuestsAndInsertTakeOut = $row->sumtotal;
			}
		}
		echo json_encode(array("cashperpayments" => $cashPerPayments,"total" => $cashByGuestsAndInsertTakeOut));
	}
	
	function getLastBillsWithContent($day,$month,$year) {		
		date_default_timezone_set(DbUtils::getTimeZone());
		$startDate = "$year-$month-$day 00:00:00";
		$endDate = "$year-$month-$day 23:59:59";
		
		$whenClause = " (billdate >= ? AND billdate <= ?)";
		
		$pdo = DbUtils::openDbAndReturnPdoStatic();
		$admin = new Admin();
		$genValues = $admin->getGeneralConfigItems(false, $pdo);
		$l = $genValues['billlanguage'];
		
		$commonUtils = new CommonUtils();
		
		$sql  = "SELECT id,billdate,brutto,tableid,closingid,status,host FROM %bill% WHERE tableid >= '0' AND $whenClause  ";
		$sql .= "UNION ";
		$sql .= "SELECT id,billdate,brutto,tableid,closingid,status,host FROM %bill% WHERE status='c' AND $whenClause ";
		$sql .= "ORDER BY id DESC,billdate DESC";
		$result = CommonUtils::fetchSqlAll($pdo, $sql,array($startDate,$endDate,$startDate,$endDate));

		$resultarray = array();
		foreach($result as $zeile) {
			$theId = $zeile['id'];
			if (!$commonUtils->verifyBill($pdo, $theId)) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
				return;
			}
			date_default_timezone_set(DbUtils::getTimeZone());
			$date = new DateTime($zeile['billdate']);
			$shortdate = $date->format('H:i');
			$closingID = $zeile['closingid'];
			$isClosed = (is_null($closingID) ? 0 : 1);
			
			$host = 0;
			$tablename = "-";
			if ($zeile["status"] != 'c') {
				$host = $zeile['host'];
				$tablename = $commonUtils->getTableNameFromId($pdo,$zeile['tableid']);
			}
			
			if ($this->billIsCancelled($pdo,$theId)) {
				$isClosed = 1;
			}

			$arr = array("id" => $theId,
					"longdate" => $zeile['billdate'],
					"shortdate" => $shortdate,
					"brutto" => $zeile['brutto'],
					"tablename" => $tablename,
					"billcontent" => $this->getBillWithId($pdo,$theId,$l,0,true,false),
					"isClosed" => $isClosed,
					"host" => $host
			);
			
			$resultarray[] = $arr;
		}

		$hosthtml = file_get_contents("../customer/bon-bewirtungsvorlage.html");
		
		ob_start();
		echo json_encode(array("status" => "OK", "code" => OK, "msg" => $resultarray, "hosthtml" => $hosthtml));
		ob_end_flush();
	}

	private function getUserId() {
		if(session_id() == '') {
			session_start();
		}
		return $_SESSION['userid'];
	}

	/**
	 * Test if it is allowed to insert new bill as storno bill or if manipulation has happened
	 * 
	 * Returns (-1) in case of an error, a positive return value is the new id, (which is already updated in work table)
	 */
	private function testForNewBillIdAndUpdateWorkTable($pdo) {
		$commonUtils = new CommonUtils();
		$sql = "SELECT MAX(id) as maxbillid FROM %bill%";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute();
		$row = $stmt->fetchObject();
		$nextbillid = intval($row->maxbillid) + 1;
		if (!$commonUtils->verifyLastBillId($pdo, $nextbillid)) {
			return (-1);
		} else {
			$commonUtils->setLastBillIdInWorkTable($pdo, $nextbillid);
			return $nextbillid;
		}
	}
	
	private function initaustriareceipt($pdo) {
		date_default_timezone_set(DbUtils::getTimeZone());
		$currentTime = date('Y-m-d H:i:s');
		
		$pdo->beginTransaction();
		
		try {
			// calculate next bill id
			$sql = "SELECT MAX(id) as maxid FROM %bill%";
			$row = CommonUtils::getRowSqlObject($pdo, $sql);
			$maxbillid = $row->maxid;
			$nextbillid = 1;
			$newprevbrutto = 0;
			$newprevnetto = 0;
			if (!is_null($maxbillid)) {
				$nextbillid = intval($maxbillid) + 1;

				$sql = "SELECT brutto,ROUND(netto,2) as netto,prevbrutto,prevnetto FROM %bill% WHERE id=?";
				$row = CommonUtils::getRowSqlObject($pdo, $sql, array(intval($maxbillid)));
				$newprevbrutto = $row->prevbrutto ;
				$newprevnetto = $row->prevnetto;
			}

			$commonUtils = new CommonUtils();
			$commonUtils->setLastBillIdInWorkTable($pdo, $nextbillid);

			$tableid = 0;
			if(session_id() == '') {
				session_start();
			}
			$userid = $_SESSION['userid'];
			$signature = CommonUtils::calcSignatureForBill($currentTime, '0.00', '0.00', $userid);

			$sql = "INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`prevbrutto`,`prevnetto`,`tableid`,`paymentid`,`userid`,`ref`,`tax`,`host`,`reservationid`,`guestinfo`,`intguestid`,`signature`,`reason`) VALUES (?,?,?,?,?,?,?,?,?,NULL,NULL,?,?,?,?,?,?)";
			CommonUtils::execSql($pdo, $sql, array($nextbillid,$currentTime,'0.00', '0.00',$newprevbrutto,$newprevnetto,$tableid,1,$userid,0,null,null,null,$signature,'STARTBELEG'));

			CommonUtils::log($pdo, "QUEUE", "Created bill STARTBELEG with id=$nextbillid from user $userid");
			
			Rksv::doStartBeleg($pdo, $nextbillid, $currentTime);
			
		} catch (Exception $ex) {
			$pdo->rollBack();
			return array("status" => "ERROR", "msg" => $ex->getMessage());
		}
		$pdo->commit();
		
		return array("status" => "OK");
	}
	
	private function changeBillHost($pdo,$billid,$isNowHost) {
		$sql = "SELECT host,closingid FROM  %bill% WHERE id=?";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($billid));
		$row = $stmt->fetchObject();
		if ($row->host != $isNowHost) {
			echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_WO_HOST, "msg" => ERROR_BILL_NOT_WO_HOST_MSG));
			return;
		}
		if (!is_null($row->closingid)) {
			echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_ALREADY_CLOSED, "msg" => ERROR_BILL_ALREADY_CLOSED_MSG));
			return;
		}

		$pdo->beginTransaction();
		
		$sql = "SELECT queueid FROM %billproducts% WHERE billid=?";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($billid));
		$idsOfBill = $stmt->fetchAll();
		$ids = array();
		foreach($idsOfBill as $anId) {
			$ids[] = $anId["queueid"];
		}
		
		$sql = "SELECT brutto,netto,tableid,paymentid,tax,reservationid,guestinfo,intguestid,intguestpaid FROM %bill% WHERE id=?";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($billid));
		$row = $stmt->fetchObject();
		
		$ok = $this->cancelBill($pdo, $billid, "", "OrderSprinter-Bewirtungseigenschaft", false, false, false, 0);
		if (!$ok) {
			$pdo->rollBack();
			echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_CANCEL_IMOSSIBLE, "msg" => ERROR_BILL_CANCEL_IMOSSIBLE_MSG));
			return;
		}
		
		$this->recreateBill($pdo, $ids, $row->brutto, $row->netto, $row->tableid, $row->paymentid, $row->tax, 1-$isNowHost,$row->reservationid,$row->guestinfo,$row->intguestid,$row->intguestpaid);
		
		$pdo->commit();
		
		echo json_encode(array("status" => "OK", "code" => OK));
	}
	
	function recreateBill($pdo,$ids_array,$brutto,$netto,$tableid,$paymentId,$tax,$host,$reservationid,$guestinfo,$intguestid,$intguestpaid) {

		$userid = $this->getUserId();

		date_default_timezone_set(DbUtils::getTimeZone());
		$currentTime = date('Y-m-d H:i:s');
	
		$billid = (-1);
			
		$sql = "SELECT id from %bill% ORDER BY id DESC";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute();
		$numberOfIds = $stmt->rowCount();
		$row =$stmt->fetchObject();
		$billid = intval($row->id)+1;
		$commonUtils = new CommonUtils();
		$commonUtils->setLastBillIdInWorkTable($pdo, $billid);

		if (is_null($tableid)) {
			$tableid = 0;
		}

		$signature = CommonUtils::calcSignatureForBill($currentTime, $brutto, $netto, $userid);
			
		$billInsertSql = "INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tableid`,`paymentid`,`userid`,`ref`,`tax`,`host`,`reservationid`,`guestinfo`,`intguestid`,`intguestpaid`,`signature`) VALUES (?,?,?,?,?,?,?,NULL,NULL,?,?,?,?,?,?)";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($billInsertSql));
		$stmt->execute(array($billid,$currentTime,$brutto,$netto,$tableid,$paymentId,$userid,$host,$reservationid,$guestinfo,$intguestid,$intguestpaid,$signature));
		$newBillId = $pdo->lastInsertId();
		
		for ($i=0;$i<count($ids_array);$i++) {
			$queueid = $ids_array[$i];
			
			$updateSql = "UPDATE %queue% SET paidtime=?, billid=? WHERE id=?";
			$stmt = $pdo->prepare(DbUtils::substTableAlias($updateSql));
			$stmt->execute(array($currentTime,$billid,$queueid));
			
			$billProdsSql = "INSERT INTO `%billproducts%` (`queueid`,`billid`) VALUES ( ?,?)";
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($billProdsSql));
			$stmt->execute(array($queueid,$billid));
		}
		
		Hotelinterface::insertIntoHsin($pdo, $newBillId);
	}
	
	/*
	 * Cancel a bill - set all queue items to not paid and drop the bill entry
	 */
	private function cancelBill($pdo,$billid,$stornocode,$reason,$doOwnTransaction,$doEcho,$checkStornoCode,$removeproducts = 0) {
		date_default_timezone_set(DbUtils::getTimeZone());
		$currentTime = date('Y-m-d H:i:s');
		
		$recordaction = T_BILLSTORNO;
		if ($removeproducts) {
			$recordaction = T_BILLSTORNOREMOVE;
		}
		
		$stornocodeInDb = CommonUtils::getConfigValue($pdo, 'stornocode', null);
		
		if (is_null($stornocodeInDb) && $checkStornoCode) {
			if ($doEcho) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_STORNO_CODE, "msg" => ERROR_BILL_NOT_STORNO_CODE_MSG));
			}
			return false;
		}

		if ($checkStornoCode) {
			if ($stornocode != $stornocodeInDb) {
				if ($doEcho) {
					echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_WRONG_STORNO_CODE, "msg" => ERROR_BILL_WRONG_STORNO_CODE_MSG));
				}
				return false;
			}
		}
		
		if (!is_numeric($billid)) {
			if ($doEcho) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_WRONG_NUMERIC_VALUE, "msg" => ERROR_BILL_WRONG_NUMERIC_VALUE_MSG));
			}
			return false;
		}
		
		if ($doOwnTransaction) {
			$pdo->beginTransaction();
		}
		
		$sql = "SELECT brutto,netto,tax,tableid,closingid,status,paymentid,reservationid,guestinfo,intguestid,intguestpaid FROM %bill% WHERE id=?";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute(array($billid));
		$row =$stmt->fetchObject();
		$closingId = null;
		if ($row != null) {
			$closingId = $row->closingid;
			
			$brutto = $row->brutto;
			$netto = $row->netto;
			$tax = $row->tax;
			$tableid = $row->tableid;
			$status = $row->status;
			$paymentid = $row->paymentid;
			$reservationid = $row->reservationid;
			$guestinfo = $row->guestinfo;
			$intguestpaid = $row->intguestpaid;
		}
		
		if (!is_null($closingId) || ($status == 's') || ($status == 'x')) {
			if ($doOwnTransaction) {
				$pdo->rollBack();
			}
			if ($doEcho) {
				if (($status == 's') || ($status == 'x')) {
					echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_ALREADY_CANCELLED, "msg" => ERROR_BILL_ALREADY_CANCELLED_MSG));
				} else {
					echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_ALREADY_CLOSED, "msg" => ERROR_BILL_ALREADY_CLOSED_MSG));
				}
			}
			return false;
		}
		
		if (!is_null($intguestpaid)) {
			if ($doOwnTransaction) {
				$pdo->rollBack();
			}
			if ($doEcho) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_CUSTOMER_PAID, "msg" => ERROR_BILL_CUSTOMER_PAID_MSG));
			}
			return false;
		}
		
		$commonUtils = new CommonUtils();
		$correct = $commonUtils->verifyBill($pdo, $billid);
		if (!$correct) {
			if ($doOwnTransaction) {
				$pdo->rollBack();
			}
			if ($doEcho) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
			}
			return false;
		}
		
		$nextbillid = $this->testForNewBillIdAndUpdateWorkTable($pdo);
		if ($nextbillid < 0) {
			if ($doEcho) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
			}
			if ($doOwnTransaction) {
				$pdo->rollBack();
			}
			return false;
		}
		
		$sql = "SELECT id FROM %queue% WHERE billid=?";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute(array($billid));
		$result = $stmt->fetchAll();
		$queueIdArray = array();
		
		foreach($result as $row) {
			if ($removeproducts == 1) {
				Workreceipts::createCancelWorkReceipt($pdo, $row['id']);
			}
			$queueIdArray[] = $row['id'];
		}
		
		if ($removeproducts == 0) {
			$sql = "UPDATE %queue% SET paidtime=null,billid=null WHERE billid=?";
		} else {
			$sql = "UPDATE %queue% SET toremove='1',paidtime=null,billid=null WHERE billid=?";			
		}
		CommonUtils::execSql($pdo, $sql, array($billid));
		
		$userIdOfStornoUser = $this->getUserId();
		$stornval = 0.0 - floatval($brutto);
		$stornonettoval = 0.0 - floatval($netto);
		
		$commonUtils = new CommonUtils();
		$signature = CommonUtils::calcSignatureForBill($currentTime, $stornval, $stornonettoval, $userIdOfStornoUser);
		
		$sql = "INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tax`,`tableid`, `status`, `paymentid`,`userid`,`ref`,`host`,`reservationid`,`guestinfo`,`signature`) VALUES (?,?,?,?,?,?, 's', ?,?,?,?,?,?,?)";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute(array($nextbillid,$currentTime,$stornval,$stornonettoval,$tax,$tableid,$paymentid,$userIdOfStornoUser,$billid,0,$reservationid,$guestinfo,$signature));
		$refIdOfStornoEntry = $pdo->lastInsertId();
		
		$sql = "SELECT brutto,netto,prevbrutto,prevnetto FROM %bill% WHERE id=?";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($refIdOfStornoEntry-1));
		$row =$stmt->fetchObject();
		$sql = "UPDATE %bill% set prevbrutto=?,prevnetto=? WHERE id=?";
		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		$stmt->execute(array($row->brutto + $row->prevbrutto + $stornval,$row->netto + $row->prevnetto + $stornonettoval,$refIdOfStornoEntry));
		
		$sql = "UPDATE %bill% SET status='x', closingid=null, ref=?, intguestid=?,intguestpaid=? WHERE id=?";
		$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
		$stmt->execute(array($refIdOfStornoEntry,null,null,$billid));

		if (!is_null($reason) && ($reason != "")) {
			$sql = "UPDATE %bill% SET reason=? WHERE id=?";
			$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
			$stmt->execute(array($reason,$billid));
		}
		
		foreach ($queueIdArray as $aQueueid) {
			$billProdsSql = "INSERT INTO `%billproducts%` (`queueid` , `billid`) VALUES ( ?,?)";
			$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($billProdsSql));
			$stmt->execute(array($aQueueid,$refIdOfStornoEntry));
		}

		if ($tableid == 0) {
			$tableid = null;
		}
		$sql = "INSERT INTO %records% (date,userid,tableid,action) VALUES(?,?,?,?)";
		CommonUtils::execSql($pdo, $sql, array($currentTime,$userIdOfStornoUser,$tableid,$recordaction));
		$recordid = $pdo->lastInsertId();
		foreach ($queueIdArray as $aQueueid) {
			$sql = "INSERT INTO %recordsqueue% (recordid,queueid) VALUES(?,?)";
			CommonUtils::execSql($pdo, $sql, array($recordid,$aQueueid));
		}
		
		Hotelinterface::insertIntoHsin($pdo,$refIdOfStornoEntry);
		
		if ($doOwnTransaction) {
			$pdo->commit();
		}
		
		if ($doEcho) {
			echo json_encode(array("status" => "OK", "code" => OK));
		}
		return true;
	}
	
	private function autoBackupPdfSummary($remoteaccesscode) {
		$pdo = DbUtils::openDbAndReturnPdoStatic();
		
		$code = CommonUtils::getConfigValue($pdo, 'remoteaccesscode', null);
		
		if (is_null($code)) {
			echo "No remote access code available - backup not allowed";
			return;
		}
		
		if (is_null($code) || (trim($code) == "")) {
			echo "No remote access code set - backup not allowed";
			return;
		}
		
		if ($code != md5($remoteaccesscode)) {
			echo "Wrong remote access code used - backup not allowed";
			return;
		}
		$pdo = null;
		
		date_default_timezone_set(DbUtils::getTimeZone());
		$currentYear = date('Y');
		$currentMonth = date('n');
		
		$this->exportPdfSummary(1, $currentYear, $currentMonth, $currentYear);
	}
	
	private function exportPdfReport($startMonth,$startYear,$endMonth,$endYear,$closidstart = null,$closidend = null) {
		$pdfExport = new PdfExport();
		$lang = 0;
		if(isset($_GET["lang"])) {
			$lang = $_GET['lang'];
		}
		$pdfExport->exportPdfReport($lang,$startMonth,$startYear,$endMonth,$endYear,$closidstart,$closidend);
	}
	private function exportPdfSummary($startMonth,$startYear,$endMonth,$endYear) {
		$pdfExport = new PdfExport();
		$lang = 0;
		if(isset($_GET["lang"])) {
			$lang = $_GET['lang'];
		}
		$pdfExport->exportPdfSummary($lang,$startMonth,$startYear,$endMonth,$endYear);
	}
	
	private function exportPdfSummaryClosPeriod($closidstart,$closidend) {
		$pdfExport = new PdfExport();
		$lang = 0;
		if(isset($_GET["lang"])) {
			$lang = $_GET['lang'];
		}
		$pdfExport->exportPdfSummaryClosPeriod($lang,$closidstart,$closidend);
	}
	
	private function exportAllCsvOrExcel($startMonth,$startYear,$endMonth,$endYear,$exportFormat) {
		set_time_limit(60*5);
		if(session_id() == '') {
			session_start();
		}
		$l = $_SESSION['language'];
		
		$commonUtils = new CommonUtils();
		$currency = $commonUtils->getCurrency();
		
		$pdo = DbUtils::openDbAndReturnPdoStatic();
		$decpoint = CommonUtils::getConfigValue($pdo, 'decpoint', '.');
		
		if ($startMonth < 10) {
			$startMonth = "0" . $startMonth;
		}
		if ($endMonth < 10) {
			$endMonth = "0" . $endMonth;
		}
		$startDate = $startYear . "-" . $startMonth . "-01 00:00:00";
		$endDate = $endYear . "-" . $endMonth . "-01";
		$lastdayOfMonth = date("t", strtotime($endDate));
		$endDate = $endYear . "-" . $endMonth . "-" . $lastdayOfMonth . " 23:59:59";
		
		$objPHPExcel = new PHPExcel();
		
		PHPExcel_Settings::setZipClass(PHPExcel_Settings::PCLZIP);
		$locale = 'De';
		if ($l == 1) {
			$locale = 'En';
		} else if ($l == 2) {
			$locale = 'Es';
		}
		$validLocale = PHPExcel_Settings::setLocale($locale);
		
		$objPHPExcel->getProperties()
		->setCreator("OrderSprinter")
		->setLastModifiedBy($_SESSION['currentuser'])
		->setTitle("OrderSprinter Umsatzdatenexport")
		->setSubject("OrderSprinter Umsatzdatenexport")
		->setDescription("Umsätze")
		->setKeywords("OrderSprinter Umsätze")
		->setCategory("OrderSprinter Datenexport");
		
		$objWorksheet = $objPHPExcel->getActiveSheet();
		
		$allcells = array();
		
		$firstRow = array(
				'Bestellzeitpunkt',
				'Abrechnungszeitpunkt',
				'Tag der Bestellung',
				$this->t['ID'][$l],
				$this->t['Tablename'][$l],
				'Produktpreis' . " ($currency)",
				$this->t['Brutto'][$l] ."($currency)",
				$this->t['Netto'][$l] . "($currency)",
				'Umsatzsteuer (%)',
				$this->t['host'][$l],
				$this->t['Ref'][$l],
				$this->t['State'][$l],
				'Produkt',
				'Produkt-ID',
				'Barcode',
				$this->t['PayWay'][$l],
				$this->t['reason'][$l],
				'Abrechnungsbenutzer',
				'Abrechnungsbenutzer-ID',
				$this->t['ClosId'][$l],
				$this->t['ClosDate'][$l],
				$this->t['ClosRemark'][$l],
				'Tageserfassung'
			);
		
		$lineLength = count($firstRow);
		
		$allcells[] = $firstRow;
		
		$payment_lang = array("name","name_en","name_esp");
		$payment_col = $payment_lang[$l];

		$unit = CommonUtils::caseOfSqlUnitSelection($pdo);
		
		$sql = "
			SELECT * FROM (
			SELECT B.billdate as billdate,B.id as billid,
				ordertime,DATE_FORMAT(ordertime,'%w') as orderdayofweek,
			       IF(tableid > '0',(SELECT tableno FROM %resttables% WHERE id=tableid),'') as tablename,
			       price as productprice,
			       (IF(B.status='s',-1,1) * price) as brutto,
			       (IF(B.status='s',-1,1) * Q.price / (1 + Q.tax * 0.01)) as netto, 
			       Q.tax as tax,
			       (IF(B.host = '1','x','-')) as host,
			       IFNULL(B.ref,'') as reference,
			       B.status as status,
			       CONCAT($unit,productname) as productname,
			       productid,
			       IFNULL((SELECT barcode from %products% PR WHERE PR.id=productid),'') as barcode,
			       P.$payment_col as payment,
			       IFNULL(B.reason,'') as reason, 
			       U.username,U.id as userid,closingid,C.closingdate as closingdate, IFNULL(C.remark,'') as remark,
			       Q.clsid 
			       from %billproducts% BP,%queue% Q,%bill% B,%payment% P,%user% U,%closing% C 
			       WHERE BP.queueid=Q.id AND BP.billid=B.id AND B.closingid is not null AND B.paymentid=P.id 
			       AND U.id=B.userid AND B.closingid=C.id   
			       AND B.billdate >= ? AND B.billdate <= ? 
			UNION ALL 
			SELECT '' as billdate, '' as billid,
				ordertime,DATE_FORMAT(ordertime,'%w') as orderdayofweek,
				IF(tablenr > '0',(SELECT tableno FROM %resttables% WHERE id=tablenr),'') as tablename,
				price as productprice,
				'0.00' as brutto,
				'0.00' as netto,
				Q.tax as tax,
				'-' as host,
				'' as reference,
				'd' as status,
				CONCAT($unit,productname) as productname,
				productid,
				IFNULL((SELECT barcode from %products% PR WHERE PR.id=productid),'') as barcode,
				'' as payment,
				'' as reason,
				'' as username,'' as userid,
				'' as closingid, '' as closingdate, '' as remark,
				Q.clsid 
				FROM %queue% Q 
				WHERE Q.toremove = '1' 
				AND ordertime >= ? AND ordertime <= ? 
			UNION ALL 
			SELECT B.billdate as billdate,B.id as billid,B.billdate as ordertime,
				DATE_FORMAT(B.billdate,'%w') as orderdayofweek,
				'' as tablename, 
				'' as productprice,
				B.brutto as brutto,B.netto as netto,
				'' as tax,
				'' as host,
				'' as reference,
				status,
				'Einlage' as productname,
			       '' as productid,
			       '' as barcode,
			       'Barzahlung' as payment, IFNULL(B.reason,'') as reason, U.username, U.id as userid,closingid,C.closingdate as closingdate,IFNULL(C.remark,'') as remark,
			       closingid 
			       FROM %bill% B,%user% U,%closing% C WHERE B.status='c' AND B.closingid is not null AND B.userid=U.id AND B.closingid=C.id 
			       AND B.billdate >= ? AND B.billdate <= ?  
			) a ORDER BY ordertime,billid
		";

		$result = CommonUtils::fetchSqlAll($pdo, $sql, array($startDate,$endDate,$startDate,$endDate,$startDate,$endDate));

		foreach($result as $z) {
			set_time_limit(60*5);
			
			$brutto = $z['brutto'];
			$netto = $z['netto'];
			$tax = $z['tax'];
			if ($exportFormat == DO_CSV) {
				$brutto = number_format($brutto, 2, $decpoint, '');
				$netto = str_replace(".",$decpoint,$netto);
				if ($tax != '') {
					$tax = number_format($tax, 2, $decpoint, '');
				}
			}
			
			$status = $z['status'];
			
			$cat = 'Produktverkauf';
			if ($status == 'x') {
				$cat = $this->t["laterCancelled"][$l];
			} else if ($status == 's') {
				$cat = $this->t["storno"][$l];
			} else if ($status == 'c') {
				$cat = $this->t["cashact"][$l];
			} else if ($status == 'd') {
				$cat = 'Storno vor Abrechnung';
			}
			
			$line = array(
			    $z['ordertime'],
			    $z['billdate'],
			    self::$daynamesStartSunday[intval($z['orderdayofweek'])][$l],
			    $z['billid'],$z['tablename'],
			    $z['productprice'],$brutto,$netto,
			    $tax,
			    $z['host'],
			    $z['reference'],
			    $cat,
			    $z['productname'],
			    $z['productid'],
			    $z['barcode'],
			    $z['payment'],
			    $z['reason'],
			    $z['username'],$z['userid'],
			    $z['closingid'],$z['closingdate'],$z['remark'],$z['clsid']);

			$allcells[] = $line;
		}
		
		$objWorksheet->fromArray(
				$allcells,  // The data to set
				NULL,        // Array values with this value will not be set
				'A1'         // Top left coordinate of the worksheet range where
		);
		
		$lastChar = chr(ord('A') + $lineLength - 1);
		$range = "A1:$lastChar" . "1";
		$objWorksheet->getStyle($range)->getFill()
		->setFillType(PHPExcel_Style_Fill::FILL_SOLID)
		->getStartColor()->setARGB('FFadf6aa');
		
		$range = "A2:" . $lastChar . count($allcells);
		$objWorksheet->getStyle($range)->getFill()
		->setFillType(PHPExcel_Style_Fill::FILL_SOLID)
		->getStartColor()->setARGB('FFd6edf8');
		
		if ($exportFormat == DO_EXCEL) {
			$formatCodeBrutto = "0.00";
			$formatCodeNetto = "0.0000";
			for ($i=1;$i<count($allcells);$i++) {
				$aVal = $objWorksheet->getCell('F' . ($i+1)) ->getValue();
				$objWorksheet->getCell('F' . ($i+1)) ->setValueExplicit($aVal,PHPExcel_Cell_DataType::TYPE_NUMERIC);
				$objWorksheet->getStyle('F' . ($i+1))->getNumberFormat()->setFormatCode($formatCodeBrutto);
				
				$aVal = $objWorksheet->getCell('G' . ($i+1)) ->getValue();
				$objWorksheet->getCell('G' . ($i+1)) ->setValueExplicit($aVal,PHPExcel_Cell_DataType::TYPE_NUMERIC);
				$objWorksheet->getStyle('G' . ($i+1))->getNumberFormat()->setFormatCode($formatCodeBrutto);

				$aVal = $objWorksheet->getCell('H' . ($i+1)) ->getValue();
				$objWorksheet->getCell('H' . ($i+1)) ->setValueExplicit($aVal,PHPExcel_Cell_DataType::TYPE_NUMERIC);
				$objWorksheet->getStyle('H' . ($i+1))->getNumberFormat()->setFormatCode($formatCodeNetto);
			}
		}
		
		if ($exportFormat == DO_CSV) {
			header("Content-type: text/x-csv");
			header("Content-Disposition: attachment; filename=\"ordersprinter-datenexport.csv\"");
			header("Cache-Control: max-age=0");
			$objWriter = new PHPExcel_Writer_CSV($objPHPExcel);
			$objWriter->setDelimiter(';');
		} else {
			header("Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
			header("Content-Disposition: attachment; filename=\"ordersprinter-datenexport.xls\"");
			header("Cache-Control: max-age=0");
			$objWriter = PHPExcel_IOFactory::createWriter($objPHPExcel, 'Excel5');
		}

		$objWriter->save("php://output");
		
		$objPHPExcel->disconnectWorksheets();
		unset($objPHPExcel);
	}
	
	private function exportCsv($startMonth,$startYear,$endMonth,$endYear,$exportType) {
		$this->exportCsv_bin($startMonth,$startYear,$endMonth,$endYear,null,$exportType);
	}
	
	/*
	 * Method to export data of a special closing
	 */
	private function exportCsvOfClosing($closingid,$exportFormat) {
		$this->exportCsv_bin(null,null,null,null,$closingid,$exportFormat);
	}
	
	private function exportCsv_bin($startMonth,$startYear,$endMonth,$endYear,$onlyClosingId,$exportFormat) {
		if(session_id() == '') {
			session_start();
		}
		$l = $_SESSION['language'];
		
		$commonUtils = new CommonUtils();
		$currency = $commonUtils->getCurrency();
		
		$decpoint = ".";

		$formatCode = "0.00";
		
		if ($onlyClosingId == null) {
			if ($startMonth < 10) {
				$startMonth = "0" . $startMonth;
			}
			if ($endMonth < 10) {
				$endMonth = "0" . $endMonth;
			}
			$startDate = $startYear . "-" . $startMonth . "-01 00:00:00";
			$endDate = $endYear . "-" . $endMonth . "-01";
			$lastdayOfMonth = date("t", strtotime($endDate));
			$endDate = $endYear . "-" . $endMonth . "-" . $lastdayOfMonth . " 23:59:59";
		}
		
		$objPHPExcel = new PHPExcel();
		
		PHPExcel_Settings::setZipClass(PHPExcel_Settings::PCLZIP);
		$locale = 'De';
		if ($l == 1) {
			$locale = 'En';
		} else if ($l == 2) {
			$locale = 'Es';
		}
		$validLocale = PHPExcel_Settings::setLocale($locale);
		
		$objPHPExcel->getProperties()
		->setCreator("OrderSprinter")
		->setLastModifiedBy($_SESSION['currentuser'])
		->setTitle("OrderSprinter Umsatzdatenexport")
		->setSubject("OrderSprinter Umsatzdatenexport")
		->setDescription("Umsätze")
		->setKeywords("OrderSprinter Umsätze")
		->setCategory("OrderSprinter Datenexport");
		
		$objWorksheet = $objPHPExcel->getActiveSheet();
		
		
		
		$allcells = array();
		
		$firstRow = array(
				$this->t['ID'][$l],
				$this->t['Date'][$l],
				$this->t['Brutto'][$l] ."($currency)",
				$this->t['Netto'][$l] . "($currency)",
				$this->t['Tablename'][$l],
				$this->t['State'][$l],
				$this->t['Ref'][$l],
				$this->t['host'][$l],
				$this->t['reason'][$l],
				$this->t['Userid'][$l],
				$this->t['User'][$l]);
		
		if ($onlyClosingId == null) {
			$firstRow[] = $this->t['ClosId'][$l];
			$firstRow[] = $this->t['ClosDate'][$l];
			$firstRow[] = $this->t['PayWay'][$l];
			$firstRow[] = $this->t['ClosRemark'][$l];
		} else {
			$firstRow[] = $this->t['PayWay'][$l];
		}
		
		$lineLength = count($firstRow);
		
		$allcells[] = $firstRow;
		
		$billIdsForThatClosing = array();
		
		$payment_lang = array("name","name_en","name_esp");
		$payment_col = $payment_lang[$l];
		
		$pdo = DbUtils::openDbAndReturnPdoStatic();
		$sql = "SELECT DISTINCT %bill%.id,IF(tableid > '0',(SELECT tableno FROM %resttables% WHERE id=tableid),'') as tablename,%bill%.signature,billdate,brutto,ROUND(netto,2) as netto,IF(tax is not null, tax, '0.00') as tax,status,closingdate,remark,%bill%.host,%bill%.closingid,%payment%.$payment_col as payway,userid,ref,username,IF(%bill%.reason is not null,reason,'') as reason FROM %bill%,%closing%,%payment%,%user% ";
		$sql .= "WHERE closingid is not null AND %bill%.closingid=%closing%.id ";
		$sql .= " AND %bill%.paymentid=%payment%.id ";
		if ($onlyClosingId == null) {
			$sql .= " AND %bill%.billdate BETWEEN ? AND ? ";
		} else {
			$sql .= " AND closingid=? ";
		}
		$sql .= " AND %bill%.userid = %user%.id ";
		$sql .= "ORDER BY billdate";

		$stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
		
		if ($onlyClosingId == null) {
			$stmt->execute(array($startDate,$endDate));
		} else {
			$stmt->execute(array($onlyClosingId));
		}
		
		$dbresult = $stmt->fetchAll();
		foreach($dbresult as $zeile) {
			$billid = $zeile['id'];
			$tablename = $zeile['tablename'];
			$billdate = $zeile['billdate'];
				
			$brutto_orig = $zeile['brutto'];
			$netto_orig = $zeile['netto'];
			$tax_orig = $zeile['tax'];
				
			$brutto = str_replace(".",$decpoint,$brutto_orig);
			$netto = str_replace(".",$decpoint,$netto_orig);
			$tax = str_replace(".",$decpoint,$tax_orig);
			$signature = $zeile['signature'];
			$dbstatus = $zeile['status'];
			$status = $zeile['status'];
			if ($status == 'x') {
				$status = $this->t["laterCancelled"][$l];
			} else if ($status == 's') {
				$status = $this->t["storno"][$l];
			} else if ($status == 'c') {
				$status = $this->t["cashact"][$l];
			} else {
				$status = "";
			}
			$ref = ($zeile['ref'] == null ? "" : $zeile['ref']);
			$userid = $zeile['userid'];
			$username = $zeile['username'];
			$closingid = $zeile['closingid'];
			$closingdate = $zeile['closingdate'];
			$remark = $zeile['remark'];
			$paymentname = $zeile['payway'];
			$host = ($zeile['host'] == 1 ? "x" : "-");
			$reason = $zeile['reason'];

			if (!CommonUtils::verifyBillByValues(null,$billdate, $brutto_orig, $netto_orig, $userid, $signature,$dbstatus)) {
				echo "Inconsistent Data Base Content!\n";
				return;
			}
				
			if ($billid == null) {
				$billid = "-";
			}
				
			if ($onlyClosingId == null) {
				$line = array($billid , $billdate, $brutto, $netto, $tablename, $status, $ref, $host, $reason, $userid,$username , $closingid, $closingdate, $paymentname, $remark);
			} else {
				$line = array($billid , $billdate, $brutto, $netto, $tablename, $status, $ref, $host, $reason, $userid,$username , $paymentname);
			}
			$allcells[] = $line;
		}


		$objWorksheet->fromArray(
				$allcells,  // The data to set
				NULL,        // Array values with this value will not be set
				'A1'         // Top left coordinate of the worksheet range where
		);
		
		$lastChar = chr(ord('A') + $lineLength - 1);
		$range = "A1:$lastChar" . "1";
		$objWorksheet->getStyle($range)->getFill()
		->setFillType(PHPExcel_Style_Fill::FILL_SOLID)
		->getStartColor()->setARGB('FFadf6aa');
		
		$range = "A2:" . $lastChar . count($allcells);
		$objWorksheet->getStyle($range)->getFill()
		->setFillType(PHPExcel_Style_Fill::FILL_SOLID)
		->getStartColor()->setARGB('FFd6edf8');
		
		for ($i=1;$i<count($allcells);$i++) {
			$aVal = $objWorksheet->getCell('C' . ($i+1)) ->getValue();
			$objWorksheet->getCell('C' . ($i+1)) ->setValueExplicit($aVal,PHPExcel_Cell_DataType::TYPE_NUMERIC);
			$objWorksheet->getStyle('C' . ($i+1))->getNumberFormat()->setFormatCode($formatCode);
			
			$aVal = $objWorksheet->getCell('D' . ($i+1)) ->getValue();
			$objWorksheet->getCell('D' . ($i+1)) ->setValueExplicit($aVal,PHPExcel_Cell_DataType::TYPE_NUMERIC);
			$objWorksheet->getStyle('D' . ($i+1))->getNumberFormat()->setFormatCode($formatCode);
		}		
		
		if ($exportFormat == DO_CSV) {
			header("Content-type: text/x-csv");
			header("Content-Disposition: attachment; filename=\"ordersprinter-datenexport.csv\"");
			header("Cache-Control: max-age=0");
			$objWriter = new PHPExcel_Writer_CSV($objPHPExcel);
			$objWriter->setDelimiter(';');
		} else {
			header("Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
			header("Content-Disposition: attachment; filename=\"ordersprinter-datenexport.xls\"");
			header("Cache-Control: max-age=0");
			$objWriter = PHPExcel_IOFactory::createWriter($objPHPExcel, 'Excel5');
		}

		$objWriter->save("php://output");
		
		$objPHPExcel->disconnectWorksheets();
		unset($objPHPExcel);
	}
}