diff --git a/printserver/OrderSprinterPrintserver.exe b/printserver/OrderSprinterPrintserver.exe index 06116c2..e220629 100644 Binary files a/printserver/OrderSprinterPrintserver.exe and b/printserver/OrderSprinterPrintserver.exe differ diff --git a/webapp/OrderSprinterPrintserver.exe b/webapp/OrderSprinterPrintserver.exe index 06116c2..e220629 100644 Binary files a/webapp/OrderSprinterPrintserver.exe and b/webapp/OrderSprinterPrintserver.exe differ diff --git a/webapp/bar.html b/webapp/bar.html index 7670e69..da78d28 100644 --- a/webapp/bar.html +++ b/webapp/bar.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/bill.html b/webapp/bill.html index 782f54b..65af5dc 100644 --- a/webapp/bill.html +++ b/webapp/bill.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/customer/menulegend.txt b/webapp/customer/menulegend.txt index 84595ed..8b2e18b 100755 --- a/webapp/customer/menulegend.txt +++ b/webapp/customer/menulegend.txt @@ -25,9 +25,13 @@ # dabei ist der Kurzname nur in der Kellneransicht bei der Produktauswahl zu sehen, # anschließend wird stets der Langname angezeigt. # Nur Kurzname und Preis (A) sind erforderlich, die anderen Teile werden bei -# Auslassung automatisch gefüllt (Preis B=C=A und Langname = Kurzname) -# Die ID muss nicht angegeben werden, in dem Fall wird das Produkt als -# neu anzulegendes Produkt behandelt. +# Auslassung automatisch gefüllt (Preis B=C=A und Langname = Kurzname). +# +# Wurde dem Produkt bereits eine ID von OrderSprinter zugewiesen, wird diese angezeigt. +# So können spätere Produktänderungen vom OrderSprinter erkannt werden. +# Es ist wichtig, keine eigenen IDs zu vergeben, denn neue IDs werden stets vom +# OrderSprinter erzeugt! +# # Wird ein Steuersatz angegeben, der für das Produkt vorgegeben sein soll, so # müssen auch die Preise A und B angegeben werden. # diff --git a/webapp/customer/speisekarte.txt b/webapp/customer/speisekarte.txt index 0b129e4..5a6c614 100755 --- a/webapp/customer/speisekarte.txt +++ b/webapp/customer/speisekarte.txt 
@@ -12,6 +12,10 @@ # Auslassung automatisch gefüllt (Preis B=C=A und Langname = Kurzname) # Wird ein Steuersatz angegeben, der für das Produkt vorgegeben sein soll, so # müssen auch die Preise A und B angegeben werden. +# Wurde dem Produkt bereits eine ID von OrderSprinter zugewiesen, wird diese angezeigt. +# So können spätere Produktänderungen vom OrderSprinter erkannt werden. +# Es ist wichtig, keine eigenen IDs zu vergeben, denn neue IDs werden stets vom +# OrderSprinter erzeugt! # # Bei Kategorien: # Das Gleichheitszeichen dient als Trenner zwischen Namen und weiteren Eigenschaften. diff --git a/webapp/feedback.html b/webapp/feedback.html index 75ad487..e4b57c4 100644 --- a/webapp/feedback.html +++ b/webapp/feedback.html @@ -4,7 +4,7 @@ - + diff --git a/webapp/index.html b/webapp/index.html index f08d98c..dcdb985 100644 --- a/webapp/index.html +++ b/webapp/index.html @@ -7,8 +7,8 @@ - - + + @@ -110,7 +110,6 @@ function displayLoginOrLogoutMask(jsonContent) { // user needs to log in! $("#passwordfield").val(""); $("#logoutarea").hide(); - $("#invalidusercredentials").popup( "open", {transition: 'flip'} ); } } @@ -241,7 +240,9 @@ $(document).on("pageinit", "#index-page", function () {
- +
Username:
Passwort:
Passwort: + +
@@ -297,6 +298,8 @@ $(document).on("pageinit", "#index-page", function () { +
+
@@ -305,16 +308,6 @@ $(document).on("pageinit", "#index-page", function () {
- -
-
-

Ungültiges Passwort

-
- -
-

Bitte prüfen Sie, ob Sie den richtigen Benutzer ausgewählt und das Passwort korrekt eingegeben haben.

-
-
diff --git a/webapp/install.html b/webapp/install.html index d2cb909..a5d594e 100644 --- a/webapp/install.html +++ b/webapp/install.html @@ -679,7 +679,7 @@ $(document).ready(function() {   - +   diff --git a/webapp/install/installer.php b/webapp/install/installer.php index c3b11d4..43ea192 100644 --- a/webapp/install/installer.php +++ b/webapp/install/installer.php @@ -754,6 +754,18 @@ return false; } } +function updateUserTable1109_1110($prefix,$version) { +$ret = true; +if ($version != "1.1.9") { +$ret = $this->updateUserTable1108_1109($prefix,$version); +if (!$ret) { +return false; +} +} +$ret &= $this->setVersion($prefix, '1.1.10'); +return $ret; +} + function setVersion($prefix,$theVersion) { $pdo = $this->pdo; try { @@ -825,7 +837,7 @@ $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VAL $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'billlanguage', $billlanguage)"); $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'currency', '$currency')"); $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'receiptfontsize', '12')"); -$this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'version', '1.1.9')"); +$this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'version', '1.1.10')"); $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'paymentconfig', '0')"); $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'remoteaccesscode', null)"); $this->basedb->doSQL($pdo,"INSERT INTO `%config%` (`id` , `name`, `setting`) VALUES (NULL , 'decpoint', '$decpoint')"); 
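Review bot: In the added `updateUserTable1109_1110`, `$ret &= $this->setVersion($prefix, '1.1.10');` applies a bitwise operator to a boolean, so the method returns the int 0 or 1 instead of true/false. `$ret` is always truthy at that point, so `return $this->setVersion($prefix, '1.1.10');` says the same thing more directly, and `$version !== "1.1.9"` avoids loose string comparison. The step also changes no schema, while the INSERTs in the `@@ -914` hunk and in admin.php `@@ -1208` now name the column `extrasapplybtnpos`. If no earlier migration step creates that column (none is visible in this diff), user creation would fail on upgraded databases, so this is worth confirming. A short docblock such as `/** Migrates 1.1.9 -> 1.1.10, running older steps first; returns false on failure. */` would document the chaining.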
@@ -914,7 +926,7 @@ $right_manager,$right_reservation,$right_rating,$lang,$prefertablemap) { $md5adminpass = md5($adminpass); $pdo = $this->pdo; -$userInsertSql = "INSERT INTO `%user%` (`id` , `username` , `userpassword`, `is_admin`, `right_waiter`,`right_kitchen`,`right_bar`,`right_supply`,`right_paydesk`,`right_statistics`,`right_bill`,`right_products`,`right_changeprice`,`right_manager`,`right_reservation`,`right_rating`,`language`,`prefertablemap`,`keeptypelevel`,`active`) VALUES (NULL,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,'1')"; +$userInsertSql = "INSERT INTO `%user%` (`id` , `username` , `userpassword`, `is_admin`, `right_waiter`,`right_kitchen`,`right_bar`,`right_supply`,`right_paydesk`,`right_statistics`,`right_bill`,`right_products`,`right_changeprice`,`right_manager`,`right_reservation`,`right_rating`,`language`,`prefertablemap`,`keeptypelevel`,`extrasapplybtnpos`,`active`) VALUES (NULL,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,'1','1')"; $stmt = $pdo->prepare(DbUtils::substTableAlias($userInsertSql)); $stmt->execute(array($username,$md5adminpass,$is_admin,$right_waiter,$right_kitchen,$right_bar,$right_supply,$right_paydesk,$right_statistics,$right_bill,$right_products,$right_changeprice,$right_manager,$right_reservation,$right_rating,$lang,$prefertablemap,1)); @@ -1198,7 +1210,7 @@ return; $supportedVersions = array("1.0.22","1.0.23","1.0.24","1.0.25","1.0.26","1.0.27","1.0.28","1.0.29", "1.0.30","1.0.31","1.0.32","1.0.33","1.0.34","1.0.35","1.0.36","1.0.37","1.0.38","1.0.39", "1.0.40", -"1.1.0","1.1.1","1.1.2","1.1.3","1.1.4","1.1.5","1.1.6","1.1.7","1.1.8" +"1.1.0","1.1.1","1.1.2","1.1.3","1.1.4","1.1.5","1.1.6","1.1.7","1.1.8", "1.1.9" ); if (!in_array($version, $supportedVersions)) { @@ -1206,7 +1218,7 @@ echo json_encode("Quellversion nicht unterstützt"); return; } -$ret = $admin->updateUserTable1108_1109($_POST['prefix'], $version); +$ret = $admin->updateUserTable1109_1110($_POST['prefix'], $version); if(session_id() == '') { session_start(); 
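Review bot: The admin password is still stored as an unsalted digest in the context line `$md5adminpass = md5($adminpass);`, and the same scheme is visible in admin.php at `@@ -275` (login) and `@@ -1208` (user creation). MD5 is fast and unsalted, so a leaked user table yields passwords quickly. `password_hash($adminpass, PASSWORD_DEFAULT)` with `password_verify()` at login has been available since PHP 5.5. Existing rows could be upgraded on the next successful login, and the `userpassword` column may need widening (its definition is outside this hunk). The parameterised insert touched here is fine as written; the enclosing function begins outside the hunk.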
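Review bot: In the `@@ -1206` hunk the changed call `$admin->updateUserTable1109_1110($_POST['prefix'], $version);` passes the request-supplied table prefix to the migration without any validation. Identifiers cannot be bound as statement parameters, so if the prefix is substituted into table names (its use inside `setVersion` is outside this diff), it should be restricted to an allow-list before the call, e.g. `if (!preg_match('/^[A-Za-z0-9_]*$/', $_POST['prefix'])) { return; }`. It is also not visible here whether this update endpoint requires an authenticated admin session; that deserves a check, since it rewrites the stored version.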
diff --git a/webapp/kitchen.html b/webapp/kitchen.html index 39689c0..a4bd4f0 100644 --- a/webapp/kitchen.html +++ b/webapp/kitchen.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/manager.html b/webapp/manager.html index 5bed3d9..607c311 100644 --- a/webapp/manager.html +++ b/webapp/manager.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/paydesk.html b/webapp/paydesk.html index 9e82edd..cd780c3 100644 --- a/webapp/paydesk.html +++ b/webapp/paydesk.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/php/admin.php b/webapp/php/admin.php index 8a2c73e..9eebeec 100644 --- a/webapp/php/admin.php +++ b/webapp/php/admin.php @@ -275,11 +275,14 @@ class Admin { $result = $stmt->fetchAll(); $numberOfEntries = count($result); - if ($numberOfEntries == 1) { $zeile = $result[0]; $pass_hash = $zeile['userpassword']; - + + if ($zeile['is_admin'] == 0) { + // authentication-check + } + // password_verify requires PHP > 5.5, so let's use MD5 instead // (it is no banking software...) if (md5($password) == $pass_hash) { 
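Review bot: The added block `if ($zeile['is_admin'] == 0) { // authentication-check }` in admin.php has an empty body, so it suggests a check for non-admin users that is never performed. Either implement the intended check or drop the block until it exists. The comparison directly below, `md5($password) == $pass_hash`, uses loose equality on two hex strings, and PHP compares numeric-looking strings numerically, so two different digests can compare equal. `if (md5($password) === $pass_hash) {` works on every PHP version, and `hash_equals($pass_hash, md5($password))` (PHP 5.6+) also makes the comparison constant-time. The login function starts and ends outside this hunk.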
@@ -1102,19 +1105,19 @@ class Admin { $right_rating = $_SESSION['right_rating']; if (!self::isOnlyRatingUser($rights, $right_rating, true)) { - if ($_SESSION['right_waiter']) { $mainMenu[] = array("name" => $waitertxt[$lang], "link" => "waiter.html?v=1.1.9"); }; - if ($_SESSION['right_kitchen']) { $mainMenu[] = array("name" => $kitchentxt[$lang], "link" => "kitchen.html?v=1.1.9"); }; - if ($_SESSION['right_bar']) { $mainMenu[] = array("name" => "Bar", "link" => "bar.html?v=1.1.9"); }; - if ($_SESSION['right_supply']) { $mainMenu[] = array("name" => $supplytxt[$lang], "link" => "supplydesk.html?v=1.1.9"); }; + if ($_SESSION['right_waiter']) { $mainMenu[] = array("name" => $waitertxt[$lang], "link" => "waiter.html?v=1.1.10"); }; + if ($_SESSION['right_kitchen']) { $mainMenu[] = array("name" => $kitchentxt[$lang], "link" => "kitchen.html?v=1.1.10"); }; + if ($_SESSION['right_bar']) { $mainMenu[] = array("name" => "Bar", "link" => "bar.html?v=1.1.10"); }; + if ($_SESSION['right_supply']) { $mainMenu[] = array("name" => $supplytxt[$lang], "link" => "supplydesk.html?v=1.1.10"); }; if ($_SESSION['right_paydesk']) { $mainMenu[] = array("name" => $paydesktxt[$lang], "link" => "paydesk.html"); }; - if ($_SESSION['right_statistics']) { $mainMenu[] = array("name" => $stattxt[$lang], "link" => "reports.html?v=1.1.9"); }; - if ($_SESSION['right_bill']) { $mainMenu[] = array("name" => $bontxt[$lang], "link" => "bill.html?v=1.1.9"); }; - if ($_SESSION['right_products']) { $mainMenu[] = array("name" => $prodtxt[$lang], "link" => "products.html?v=1.1.9"); }; - if ($_SESSION['right_reservation']) { $mainMenu[] = array("name" => $restxt[$lang], "link" => "reservation.html?v=1.1.9"); }; - if ($_SESSION['right_rating']) { $mainMenu[] = array("name" => $ratingtxt[$lang], "link" => "rating.html?v=1.1.9"); }; - if ($_SESSION['right_manager'] || $_SESSION['is_admin']) { $mainMenu[] = array("name" => $admintxt[$lang], "link" => "manager.html?v=1.1.9"); }; - $mainMenu[] = array("name" => 
$settingtxt[$lang], "link" => "preferences.html?v=1.1.9"); - $mainMenu[] = array("name" => "Feedback", "link" => "feedback.html?v=1.1.9"); + if ($_SESSION['right_statistics']) { $mainMenu[] = array("name" => $stattxt[$lang], "link" => "reports.html?v=1.1.10"); }; + if ($_SESSION['right_bill']) { $mainMenu[] = array("name" => $bontxt[$lang], "link" => "bill.html?v=1.1.10"); }; + if ($_SESSION['right_products']) { $mainMenu[] = array("name" => $prodtxt[$lang], "link" => "products.html?v=1.1.10"); }; + if ($_SESSION['right_reservation']) { $mainMenu[] = array("name" => $restxt[$lang], "link" => "reservation.html?v=1.1.10"); }; + if ($_SESSION['right_rating']) { $mainMenu[] = array("name" => $ratingtxt[$lang], "link" => "rating.html?v=1.1.10"); }; + if ($_SESSION['right_manager'] || $_SESSION['is_admin']) { $mainMenu[] = array("name" => $admintxt[$lang], "link" => "manager.html?v=1.1.10"); }; + $mainMenu[] = array("name" => $settingtxt[$lang], "link" => "preferences.html?v=1.1.10"); + $mainMenu[] = array("name" => "Feedback", "link" => "feedback.html?v=1.1.10"); } $mainMenu[] = array("name" => $logout[$lang], "link" => "logout.php"); @@ -1123,7 +1126,7 @@ class Admin { $waiterMessage = $this->getMessage(null, "waitermessage"); } // CAUTION: change version also in config.txt!!! - $mainMenuAndVersion = array ("version" => "OrderSprinter 1.1.9", + $mainMenuAndVersion = array ("version" => "OrderSprinter 1.1.10", "user" => $currentUser, "menu" => $mainMenu, "waitermessage" => $waiterMessage, 
@@ -1208,11 +1211,11 @@ class Admin { if ($isAdmin && !($this->isCurrentUserAdmin())) { echo json_encode("noadmin"); return; - } else { + } else { // instead if password_hash (PHP > 5.5) use MD5... $password_hash = md5($password); - $userInsertSql = "INSERT INTO `%user%` (`id` , `username` , `userpassword`, `is_admin`, `right_waiter`,`right_kitchen`,`right_bar`,`right_supply`,`right_paydesk`,`right_statistics`,`right_bill`,`right_products`,`right_reservation`,`right_rating`,`right_changeprice`,`right_manager`,`language`,`receiptprinter`,`prefertablemap`,`keeptypelevel`,`active`) VALUES ("; - $userInsertSql .= " NULL, '$username', '$password_hash' , '$isAdmin', '$rWaiter', '$rKitchen', '$rBar', '$rSupply', '$rPayDesk', '$rStat', '$rBill', '$rProducts', '$rReservation', '$rRating', '$rChangeprice', '$rManager', '$lang','1','1','1','1')"; + $userInsertSql = "INSERT INTO `%user%` (`id` , `username` , `userpassword`, `is_admin`, `right_waiter`,`right_kitchen`,`right_bar`,`right_supply`,`right_paydesk`,`right_statistics`,`right_bill`,`right_products`,`right_reservation`,`right_rating`,`right_changeprice`,`right_manager`,`language`,`receiptprinter`,`prefertablemap`,`keeptypelevel`,`extrasapplybtnpos`,`active`) VALUES ("; + $userInsertSql .= " NULL, '$username', '$password_hash' , '$isAdmin', '$rWaiter', '$rKitchen', '$rBar', '$rSupply', '$rPayDesk', '$rStat', '$rBill', '$rProducts', '$rReservation', '$rRating', '$rChangeprice', '$rManager', '$lang','1','1','1','1','1')"; $dbresult = $this->dbutils->performSqlCommandRetLastId($userInsertSql); $lastId = $dbresult['id']; echo json_encode("OK"); diff --git a/webapp/php/closing.php b/webapp/php/closing.php index aa29666..eb22a23 100644 --- a/webapp/php/closing.php +++ b/webapp/php/closing.php 
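Review bot: The rewritten `$userInsertSql` in admin.php still interpolates `'$username'`, `'$lang'` and the rights flags directly into the INSERT, so a quote character in any of them alters the statement. The installer.php hunk at `@@ -914` already uses placeholders for the same table. Doing the same here would mean `VALUES (NULL,?,?,?, ... ,'1','1','1','1','1')` followed by `$stmt = $pdo->prepare(DbUtils::substTableAlias($userInsertSql));` and `$stmt->execute(array($username, $password_hash, $isAdmin, ...));`. How a PDO handle is obtained inside `Admin`, and where `$username` and the other values are read from, is outside this hunk. `$lastId` is assigned but not used in the visible lines.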
@@ -198,7 +198,7 @@ array( ) )); -$newversionavailable = file_get_contents($url, false, $ctx); +$newversionavailable = @file_get_contents($url, false, $ctx); // TODO: has to be forwarded to user to inform him echo json_encode(array("status" => "OK", "msg" => $content)); diff --git a/webapp/preferences.html b/webapp/preferences.html index 696bca4..c406fa9 100644 --- a/webapp/preferences.html +++ b/webapp/preferences.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/products.html b/webapp/products.html index a35a6e9..f91120d 100644 --- a/webapp/products.html +++ b/webapp/products.html @@ -7,7 +7,7 @@ - + diff --git a/webapp/rating.html b/webapp/rating.html index 6c71f24..e1643cd 100644 --- a/webapp/rating.html +++ b/webapp/rating.html @@ -7,7 +7,7 @@ - + diff --git a/webapp/reports.html b/webapp/reports.html index b87ce7b..761f266 100644 --- a/webapp/reports.html +++ b/webapp/reports.html @@ -7,7 +7,7 @@ - + diff --git a/webapp/reservation.html b/webapp/reservation.html index 2d03b29..d9fb51d 100644 --- a/webapp/reservation.html +++ b/webapp/reservation.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/supplydesk.html b/webapp/supplydesk.html index 5ecb5b8..9b27b12 100644 --- a/webapp/supplydesk.html +++ b/webapp/supplydesk.html @@ -5,7 +5,7 @@ - + diff --git a/webapp/waiter.html b/webapp/waiter.html index e05d5b9..6c3f970 100644 --- a/webapp/waiter.html +++ b/webapp/waiter.html @@ -4,7 +4,7 @@ - +
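Review bot: In closing.php the new `@file_get_contents($url, false, $ctx)` silences the warning, but the return value is never tested, so a failed or blocked version check now goes unnoticed. Checking the result explicitly keeps the failure visible without leaking a PHP warning into the JSON response: `if ($newversionavailable === false) { error_log('version check failed'); }`. When the TODO is implemented, the response body should be treated as untrusted remote data and matched against the expected version format before it is shown to a user. `$url` and `$ctx` are built outside this hunk, so it is not visible whether the request uses HTTPS or sets a timeout.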