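dbutils = new DbUtils(); }

    /**
     * Entry point of the closing ("Tagesabschluss") controller.
     *
     * Every command requires manager or admin rights. Callers without them
     * get a JSON error object, except for 'exportCsv', whose response is a
     * file download that the HTML/JS side does not parse - it gets a plain
     * text message instead.
     *
     * @param string|null $command command name taken from the request
     */
    function handleCommand($command) {
        if (!$this->hasCurrentUserManagerOrAdminRights()) {
            if ($command === 'exportCsv') {
                // exception - result is not handled on HTML/JS side
                echo "Fehlende Benutzerrechte";
            } else {
                echo json_encode(array(
                    "status" => "ERROR",
                    "code" => ERROR_MANAGER_NOT_AUTHOTRIZED,
                    "msg" => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
            }
            return;
        }

        // user has manager rights; request parameters are still untrusted and
        // every handler below reduces them to integers / filtered strings
        // before they reach SQL
        switch ($command) {
            case 'createClosing':
                // NOTE(review): state-changing POST; no CSRF token is checked
                // anywhere visible in this file - confirm a front controller
                // or the session layer enforces one.
                $this->createClosing(isset($_POST['remark']) ? $_POST['remark'] : null);
                break;
            case 'getClosings':
                $this->getClosings(
                    isset($_GET['month']) ? $_GET['month'] : null,
                    isset($_GET['year']) ? $_GET['year'] : null);
                break;
            case 'exportCsv':
                $this->exportCsv(isset($_GET['closingid']) ? $_GET['closingid'] : null);
                break;
            case 'getClosing':
                $this->getClosing(isset($_GET['closingid']) ? $_GET['closingid'] : null);
                break;
            default:
                echo "Command not supported.";
        }
    }

    /**
     * Whether a user is logged in and holds manager or admin rights.
     *
     * Starts the session only if none is active yet (a second session_start()
     * would raise a notice).
     *
     * @return bool
     */
    private function hasCurrentUserManagerOrAdminRights() {
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }
        if (empty($_SESSION['angemeldet'])) {
            // no user logged in
            return false;
        }
        return !empty($_SESSION['right_manager']) || !empty($_SESSION['is_admin']);
    }

    /**
     * Creates a new closing, assigns every bill that is not yet closed to it,
     * drops unpaid queue items and reports the gross sum of the closing as JSON.
     *
     * @param string|null $remark free-text remark stored with the closing
     */
    private function createClosing($remark) {
        if (is_null($remark)) {
            $remark = "";
        }
        // the remark is user input: it passes the project's own filter and the
        // insert itself is done with a prepared statement
        $remark = $this->dbutils->filterString($remark);

        date_default_timezone_set('Europe/Berlin');
        $closingTime = date('Y-m-d H:i:s');
        // presumably the auto-increment id of the new row; it is cast because it
        // is interpolated into the statements below
        $newClosingId = intval($this->dbutils->performPreparedStatementCreateClosing($closingTime, $remark));

        // declare not closed bills (table bills and cash actions) as closed
        $declareClosedSql = "UPDATE %bill% SET closingid='$newClosingId' WHERE closingid is null AND (tableid >= '0' OR status='c') ";
        $this->dbutils->performSqlCommand($declareClosedSql);

        // now calculate the sum of the gross prices of this closing
        $pricesum = null;
        $sql = "SELECT sum(brutto) as pricesum FROM %bill% WHERE closingid='$newClosingId' AND (tableid >= '0' OR status='c')";
        $dbresult = $this->dbutils->performSqlCommand($sql);
        if (mysqli_num_rows($dbresult) > 0) {
            $zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
            $pricesum = $zeile['pricesum'];
        }
        mysqli_free_result($dbresult);
        if (is_null($pricesum)) {
            $pricesum = 0;
        }

        // queue items that were never paid do not survive a closing
        $this->dbutils->performSqlCommand("DELETE FROM %queue% WHERE billid is null");

        echo json_encode(array("status" => "OK", "msg" => "Summe des Tagesabschlusses: " . $pricesum));
    }

    /**
     * Gross sum of all bills of one closing.
     *
     * @param mixed $closingid id of the closing (reduced to an integer)
     * @param bool  $onlyBar   restrict the sum to cash payments (paymentid 1)
     * @return float 0.0 when the closing has no bills
     */
    private function getSumOfBillsWithClosingId($closingid, $onlyBar) {
        $closingid = intval($closingid);
        $sql = "SELECT sum(brutto) as billsum FROM %bill% WHERE closingid='$closingid'";
        if ($onlyBar) {
            $sql .= " AND paymentid='1'";
        }
        $dbresult = $this->dbutils->performSqlCommand($sql);
        $sum = 0.0;
        if (mysqli_num_rows($dbresult) == 1) {
            $zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
            $sum = floatval($zeile["billsum"]);
        }
        mysqli_free_result($dbresult);
        return $sum;
    }

    /**
     * Returns the closings of one month (at most 30, newest first) as JSON,
     * each with its total and cash sums.
     *
     * month and year come from the request and are reduced to integers before
     * they are built into the query. If they do not form a valid month, the
     * last 30 closings are returned without a date filter - this is what the
     * original comment above this function described.
     *
     * @param mixed $month 1..12
     * @param mixed $year  four-digit year
     */
    private function getClosings($month, $year) {
        $month = intval($month);
        $year = intval($year);
        $dateFilter = "";
        if ($month >= 1 && $month <= 12 && $year > 0) {
            $lastDayInMonth = date("t", mktime(0, 0, 0, $month, 1, $year));
            $dateStart = sprintf('%04d%02d01', $year, $month);
            $dateEnd = sprintf('%04d%02d%02d', $year, $month, $lastDayInMonth);
            $dateFilter = "WHERE DATE(closingdate) BETWEEN '$dateStart' AND '$dateEnd' ";
        }
        $sql = "SELECT id,closingdate,remark FROM %closing% " . $dateFilter . "ORDER BY closingdate DESC LIMIT 30;";
        $dbresult = $this->dbutils->performSqlCommand($sql);

        $resultarray = array();
        while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
            $theId = $zeile['id'];
            $resultarray[] = array(
                "id" => $theId,
                "closingDate" => $zeile['closingdate'],
                "remark" => $zeile['remark'],
                "totalsum" => $this->getSumOfBillsWithClosingId($theId, false),
                "cashsum" => $this->getSumOfBillsWithClosingId($theId, true));
        }
        mysqli_free_result($dbresult);

        echo json_encode(array("status" => "OK", "msg" => $resultarray));
    }

    /**
     * Map of payment id => payment name.
     *
     * @return array
     */
    private function getPaymentArray() {
        $dbresult = $this->dbutils->performSqlCommand("SELECT id,name FROM %payment%");
        $retArray = array();
        while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
            $retArray[$zeile['id']] = $zeile['name'];
        }
        mysqli_free_result($dbresult);
        return $retArray;
    }

    /** Emits the closing as JSON (for the printable HTML view). */
    private function getClosing($closingid) {
        $this->retrieveClosingFromDb($closingid, false);
    }

    /** Emits the closing as a CSV download. */
    private function exportCsv($closingid) {
        $this->retrieveClosingFromDb($closingid, true);
    }

    /**
     * closingdate of the closing with id (closingid - 1), or null if there is
     * no such row. Note that this assumes consecutive ids, not the previous
     * closing by date.
     *
     * @param mixed $closingid
     * @return string|null
     */
    private function getDateOfPreviousClosing($closingid) {
        $previousId = intval($closingid) - 1;
        $dbresult = $this->dbutils->performSqlCommand("SELECT closingdate FROM %closing% WHERE id='$previousId'");
        $retVal = null;
        if (mysqli_num_rows($dbresult) == 1) {
            $zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
            $retVal = $zeile['closingdate'];
        }
        mysqli_free_result($dbresult);
        return $retVal;
    }

    /**
     * Quotes one CSV field: wrapped in double quotes, embedded double quotes
     * doubled (the original export did this for the product name only).
     *
     * NOTE(review): values starting with =, +, - or @ are not neutralised, so
     * user-entered product names or user names can still be interpreted as
     * formulas when the file is opened in a spreadsheet.
     *
     * @param mixed $value
     * @return string
     */
    private function csvQuote($value) {
        return '"' . str_replace('"', '""', (string)$value) . '"';
    }

    /**
     * Writes one export row. Separators and spacing are those of the original
     * export; bill id, user id and reference are written unquoted as before.
     */
    private function writeCsvRow($billId, $date, $product, $price, $netto, $tax, $payment, $userId, $userName, $status, $ref) {
        echo sprintf("%s; %s ; %s ; %s ; %s ; %s ; %s; %s; %s; %s; %s\n",
            $billId,
            $this->csvQuote($date),
            $this->csvQuote($product),
            $this->csvQuote($price),
            $this->csvQuote($netto),
            $this->csvQuote($tax),
            $this->csvQuote($payment),
            $userId,
            $this->csvQuote($userName),
            $this->csvQuote($status),
            $ref);
    }

    /**
     * Loads one closing with all its bills and their products and emits it
     * either as CSV (one row per product / cash action) or as JSON.
     *
     * Cash actions (status 'c') have no queue items and are reported with the
     * bill's own gross/net/tax values. Bills that were cancelled later ('x')
     * or are the cancellation booking ('s') take their products through
     * %billproducts%; for 's' the price is negated. For every other bill the
     * net price is derived from the gross price and the bill's tax rate.
     *
     * @param mixed $closingid   id from the request, reduced to an integer
     * @param bool  $doCsvExport true for the CSV download, false for JSON
     */
    private function retrieveClosingFromDb($closingid, $doCsvExport) {
        // closingid comes straight from the request: it was interpolated
        // unquoted into SQL before, so reduce it to an integer first
        $closingid = intval($closingid);

        // look the closing up before any download header is sent, so that an
        // unknown id can still be answered with a readable message
        $dbresult = $this->dbutils->performSqlCommand("SELECT closingdate FROM %closing% WHERE id='$closingid'");
        $closingRow = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
        mysqli_free_result($dbresult);
        if (!$closingRow) {
            if ($doCsvExport) {
                echo "Tagesabschluss nicht gefunden";
            } else {
                echo json_encode(array("status" => "ERROR", "msg" => "Tagesabschluss nicht gefunden"));
            }
            return;
        }
        $closingdate = $closingRow['closingdate'];

        $paymentArray = $this->getPaymentArray();
        $previousClosingDate = $this->getDateOfPreviousClosing($closingid);

        if ($doCsvExport) {
            $file_name = "tagesabschluss.csv";
            header("Content-type: text/x-csv");
            header("Content-Disposition: attachment; filename=$file_name");
            header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
            header("Pragma: no-cache");
            header("Expires: 0");
            echo("Bon-ID; Zahldatum; Produkt; Bruttopreis ; Nettopreis; MwSt; Zahlungsart; Benutzer-ID; Benutzername; Status; Referenz-Bon-ID\n");
        }

        // all bills of that closing, joined with their user
        $bills = array();
        $sql = "SELECT %bill%.id as billid,paymentid,billdate,userid,ref,username,status,brutto,netto,tax FROM %bill%,%user% WHERE closingid=$closingid AND %bill%.userid = %user%.id ORDER BY billdate";
        $dbresult = $this->dbutils->performSqlCommand($sql);
        while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
            $bills[] = array(
                "id" => $zeile['billid'],
                "payment" => $zeile['paymentid'],
                "userid" => $zeile['userid'],
                "username" => $zeile['username'],
                "status" => $zeile['status'],
                "brutto" => $zeile['brutto'],
                "netto" => $zeile['netto'],
                "tax" => $zeile['tax'],
                "ref" => $zeile['ref'],
                "billdate" => $zeile['billdate']);
        }
        mysqli_free_result($dbresult);

        $retValues = array();
        // now we know all bills - find the related queue items
        // (cancellations "s" have a relation queue.billid = bill.refid)
        foreach ($bills as $bill) {
            $aBillId = $bill['id'];
            $billdate = $bill['billdate'];
            $paymentid = $bill['payment'];
            $paymentName = isset($paymentArray[$paymentid]) ? $paymentArray[$paymentid] : null;
            $userid = $bill['userid'];
            $username = $bill['username'];
            $status = $bill['status'];
            $ref = ($bill['ref'] == null ? "" : $bill['ref']);
            // keep the numeric rate apart from its display form: the original
            // reused one variable for both, so from the second product of a
            // bill on, the net price was computed from a "19,00"-style string
            $taxRate = floatval($bill['tax']);
            $taxText = number_format($taxRate, 2, ',', '');

            if ($status == 'c') {
                // cash insert / takeout: no queue items, report "Kassenaktion"
                // with the bill's own gross value
                $statusTxt = "Bareinlage/-entnahme";
                $brutto = number_format($bill['brutto'], 2, ',', '');
                $netto = number_format($bill['netto'], 2, ',', '');
                $retValues[] = array(
                    "billid" => $aBillId,
                    "paidtime" => $billdate,
                    "productname" => "Kassenaktion",
                    "price" => $brutto,
                    "netto" => $netto,
                    "tax" => $taxText,
                    "payment" => $paymentName,
                    "userid" => $userid,
                    "username" => $username,
                    "status" => $statusTxt,
                    "ref" => $ref);
                if ($doCsvExport) {
                    $this->writeCsvRow($aBillId, $billdate, "Kassenaktion", $brutto, $netto, $taxText,
                        $paymentName, $userid, $username, $statusTxt, $ref);
                }
                continue;
            }

            if ($status == 'x') {
                $statusTxt = "nachher storniert";
                $sql = "SELECT DISTINCT productname,price FROM %queue%,%billproducts% WHERE %billproducts%.billid='$aBillId' AND %billproducts%.queueid=%queue%.id";
            } else if ($status == 's') {
                $statusTxt = "Stornierungsbuchung";
                $sql = "SELECT DISTINCT productname,price FROM %queue%,%billproducts% WHERE %billproducts%.billid='$aBillId' AND %billproducts%.queueid=%queue%.id";
            } else {
                $statusTxt = "";
                $sql = "SELECT productname,paidtime,price FROM %queue% WHERE billid=$aBillId";
            }
            $dbresult = $this->dbutils->performSqlCommand($sql);
            while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
                $productname = $zeile['productname'];
                $paidtime = ($billdate == null ? "" : $billdate);
                // cancellation bookings are reported with a negative price
                $price = ($status == 's' ? 0.0 - floatval($zeile['price']) : $zeile['price']);
                // net price derived from the gross price and the tax rate
                $netto = number_format($price / (1 + $taxRate / 100.0), 2, ',', '');
                $price = number_format($price, 2, ',', '');
                $retValues[] = array(
                    "billid" => $aBillId,
                    "paidtime" => $paidtime,
                    "productname" => $productname,
                    "price" => $price,
                    "netto" => $netto,
                    "tax" => $taxText,
                    "payment" => $paymentName,
                    "userid" => $userid,
                    "username" => $username,
                    "status" => $statusTxt,
                    "ref" => $ref);
                if ($doCsvExport) {
                    $this->writeCsvRow($aBillId, $paidtime, $productname, $price, $netto, $taxText,
                        $paymentName, $userid, $username, $statusTxt, $ref);
                }
            }
            mysqli_free_result($dbresult);
        }

        if (!$doCsvExport) {
            // in this case it is for printing (fill html page area)
            echo json_encode(array(
                "status" => "OK",
                "msg" => $retValues,
                "closingid" => $closingid,
                "closingdate" => $closingdate,
                "previousClosingDate" => $previousClosingDate));
        }
    }
}
?>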