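dbutils = new DbUtils(); }

    /**
     * Entry point of the reservation AJAX API: dispatches $command to the
     * matching private handler.
     *
     * Every command first passes isUserAlreadyLoggedInForPhpAndMayReserve();
     * a caller without a logged-in session or without the reservation right
     * only receives the JSON error object and no handler runs. Writing
     * commands read their arguments from $_POST, getReservations from $_GET.
     * All handlers answer by echoing JSON (or a plain text line for an
     * unknown command); nothing is returned.
     *
     * @param string $command createReservation | getReservations |
     *                        changeReservation | delReservation |
     *                        emailConfirmReservation
     */
    public function handleCommand($command) {
        if (!$this->isUserAlreadyLoggedInForPhpAndMayReserve()) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_RES_NOT_AUTHOTRIZED, "msg" => ERROR_RES_NOT_AUTHOTRIZED_MSG));
            return;
        }
        switch ($command) {
            case 'createReservation':
                $this->createReservation(
                    $this->requestValue($_POST, 'day'),
                    $this->requestValue($_POST, 'month'),
                    $this->requestValue($_POST, 'year'),
                    $this->requestValue($_POST, 'start'),
                    $this->requestValue($_POST, 'name'),
                    $this->requestValue($_POST, 'email'),
                    $this->requestValue($_POST, 'persons'),
                    $this->requestValue($_POST, 'duration'),
                    $this->requestValue($_POST, 'phone'),
                    $this->requestValue($_POST, 'remark'));
                break;
            case 'getReservations':
                $this->getReservations(
                    $this->requestValue($_GET, 'day'),
                    $this->requestValue($_GET, 'month'),
                    $this->requestValue($_GET, 'year'));
                break;
            case 'changeReservation':
                $this->changeReservation(
                    $this->requestValue($_POST, 'id'),
                    $this->requestValue($_POST, 'day'),
                    $this->requestValue($_POST, 'month'),
                    $this->requestValue($_POST, 'year'),
                    $this->requestValue($_POST, 'start'),
                    $this->requestValue($_POST, 'name'),
                    $this->requestValue($_POST, 'email'),
                    $this->requestValue($_POST, 'persons'),
                    $this->requestValue($_POST, 'duration'),
                    $this->requestValue($_POST, 'phone'),
                    $this->requestValue($_POST, 'remark'));
                break;
            case 'delReservation':
                $this->delReservation($this->requestValue($_POST, 'id'));
                break;
            case 'emailConfirmReservation':
                $this->emailConfirmReservation(
                    $this->requestValue($_POST, 'to'),
                    $this->requestValue($_POST, 'msg'));
                break;
            default:
                echo "Kommando nicht unterstuetzt.";
        }
    }

    /**
     * Read one key from a request array ($_POST / $_GET).
     *
     * A missing key yields null instead of an "undefined index" notice; the
     * value itself is passed on untouched, so every handler still has to treat
     * it as untrusted input.
     *
     * @param array  $source $_POST or $_GET
     * @param string $key    parameter name
     * @return mixed|null
     */
    private function requestValue($source, $key) {
        return isset($source[$key]) ? $source[$key] : null;
    }

    /**
     * Authorization gate for every reservation command.
     *
     * Starts the session if none is active, then requires both the
     * "angemeldet" (logged in) flag and the "right_reservation" flag in the
     * session. A missing right_reservation entry is treated as "no right"
     * rather than raising a notice.
     *
     * @return bool true only for a logged-in user holding the reservation right
     */
    public function isUserAlreadyLoggedInForPhpAndMayReserve() {
        if (session_id() == '') {
            session_start();
        }
        if (empty($_SESSION['angemeldet'])) {
            return false;
        }
        return isset($_SESSION['right_reservation']) && (bool) $_SESSION['right_reservation'];
    }

    /**
     * Current timestamp in the application time zone, formatted for the
     * creationdate column ('Y-m-d H:i:s').
     *
     * @return string
     */
    private function currentTimestamp() {
        date_default_timezone_set(DbUtils::getTimeZone());
        return date('Y-m-d H:i:s');
    }

    /**
     * Build the scheduledate value (midnight of the given calendar day).
     *
     * Day and month are zero-padded exactly like getReservations() pads its
     * query value, so a date stored here is found again by the lookup even if
     * the client sends "5" instead of "05".
     *
     * @param string|int $day
     * @param string|int $month
     * @param string|int $year
     * @return string 'YYYY-MM-DD 00:00:00'
     */
    private function scheduledDateString($day, $month, $year) {
        return sprintf("%s-%02s-%02s 00:00:00", $year, $month, $day);
    }

    /**
     * Undo an open transaction (if any) and echo the generic DB error object.
     *
     * $pdo is null when openDbAndReturnPdo() itself threw; calling rollBack()
     * on it would have produced a second fatal error inside the catch block.
     *
     * @param PDO|null $pdo
     */
    private function abortAndReportDbError($pdo) {
        if ($pdo !== null && $pdo->inTransaction()) {
            $pdo->rollBack();
        }
        echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
    }

    /**
     * Insert a new reservation row and echo {"status":"OK"} or the DB error object.
     *
     * The creator is taken from the session ($_SESSION['userid']), never from
     * the request, so a client cannot attribute a reservation to someone else.
     * All other columns are bound as prepared-statement parameters.
     *
     * @param string|int $day
     * @param string|int $month
     * @param string|int $year
     * @param string     $start    start time as sent by the client
     * @param string     $name     guest name
     * @param string     $email    guest e-mail
     * @param string|int $persons
     * @param string|int $duration
     * @param string     $phone
     * @param string     $remark
     */
    private function createReservation($day,$month,$year,$start,$name,$email,$persons,$duration,$phone,$remark) {
        $userid = $_SESSION['userid'];
        $currentTime = $this->currentTimestamp();
        $scheduledDate = $this->scheduledDateString($day, $month, $year);
        $pdo = null;
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $pdo->beginTransaction();
            $sql = "INSERT INTO `%reservations%` ( `id` , `creator`,`creationdate`,`scheduledate`,`name`,`email`,`starttime`,`duration`,`persons`,`phone`,`remark`) VALUES ( NULL , ?,?,?,?,?,?,?,?,?,?)";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($userid,$currentTime,$scheduledDate,$name,$email,$start,$duration,$persons,$phone,$remark));
            $pdo->commit();
            echo json_encode(array("status" => "OK"));
        } catch (PDOException $e) {
            $this->abortAndReportDbError($pdo);
        }
    }

    /**
     * Overwrite every column of reservation $id and echo {"status":"OK"} or
     * the DB error object.
     *
     * Note that creator and creationdate are replaced by the editing user and
     * the current time, i.e. the row records the last editor, not the original
     * author. $id is only used as a bound WHERE parameter; no check is made
     * that the row belongs to the current user (any user with the reservation
     * right may edit any reservation).
     *
     * @param string|int $id       reservation id
     * @param string|int $day
     * @param string|int $month
     * @param string|int $year
     * @param string     $start
     * @param string     $name
     * @param string     $email
     * @param string|int $persons
     * @param string|int $duration
     * @param string     $phone
     * @param string     $remark
     */
    private function changeReservation($id,$day,$month,$year,$start,$name,$email,$persons,$duration,$phone,$remark) {
        $userid = $_SESSION['userid'];
        $currentTime = $this->currentTimestamp();
        $scheduledDate = $this->scheduledDateString($day, $month, $year);
        $pdo = null;
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $pdo->beginTransaction();
            $sql = "UPDATE `%reservations%` SET creator=?,creationdate=?,scheduledate=?,name=?,email=?,starttime=?,duration=?,persons=?,phone=?,remark=? WHERE id=?";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($userid,$currentTime,$scheduledDate,$name,$email,$start,$duration,$persons,$phone,$remark,$id));
            $pdo->commit();
            echo json_encode(array("status" => "OK"));
        } catch (PDOException $e) {
            $this->abortAndReportDbError($pdo);
        }
    }

    /**
     * Delete reservation $id and echo {"status":"OK"} or the DB error object.
     *
     * Deleting a non-existent id is not an error (the DELETE simply affects no
     * row). As with changeReservation(), ownership is not checked.
     *
     * @param string|int $id reservation id, bound as a parameter
     */
    private function delReservation($id) {
        $pdo = null;
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $pdo->beginTransaction();
            $sql = "DELETE FROM `%reservations%` WHERE id=?";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($id));
            $pdo->commit();
            echo json_encode(array("status" => "OK"));
        } catch (PDOException $e) {
            $this->abortAndReportDbError($pdo);
        }
    }

    /**
     * Send the reservation confirmation text $msg to $toEmail via Emailer and
     * echo "OK" or "ERROR" (as JSON strings).
     *
     * $toEmail comes straight from the request, so it is validated with
     * FILTER_VALIDATE_EMAIL before being handed to the mailer; this also
     * rejects addresses containing CR/LF, which must never reach a mail
     * header. Line endings of $msg are normalised to CRLF without doubling a
     * CR that is already present.
     *
     * @param string $toEmail recipient address
     * @param string $msg     mail body
     */
    private function emailConfirmReservation($toEmail,$msg) {
        if (filter_var($toEmail, FILTER_VALIDATE_EMAIL) === false) {
            echo json_encode("ERROR");
            return;
        }
        // first find sender email
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $msg = str_replace("\n", "\r\n", str_replace("\r\n", "\n", $msg));
        $topictxt = "Reservierungsbestätigung\r\n";
        if (Emailer::sendEmail($pdo, $msg, $toEmail, $topictxt)) {
            echo json_encode("OK");
        } else {
            echo json_encode("ERROR");
        }
    }

    /**
     * Read one value from the %config% table.
     *
     * $field is bound as a prepared-statement parameter; the previous version
     * interpolated it into the SQL string.
     *
     * @param PDO    $pdo   open connection
     * @param string $field config entry name
     * @return string the stored setting, or "" when no such entry exists
     */
    private function getGeneralItemFromDbWithPdo($pdo,$field) {
        $aValue = "";
        $sql = "SELECT setting FROM %config% where name=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($field));
        $row = $stmt->fetchObject();
        if ($row != null) {
            $aValue = $row->setting;
        }
        return $aValue;
    }

    /**
     * Echo all reservations of one calendar day, joined with the creator's
     * username, ordered by start time.
     *
     * Response on success: {"status":"OK","msg":[{id, creator, creationdate,
     * day, month, year, start, guest, email, persons, duration, phone,
     * remark}, ...]}; on a PDOException the generic DB error object.
     *
     * @param string|int $day
     * @param string|int $month
     * @param string|int $year
     */
    private function getReservations($day,$month,$year) {
        $scheduledDate = $this->scheduledDateString($day, $month, $year);
        try {
            $pdo = $this->dbutils->openDbAndReturnPdo();
            $sql = "SELECT DISTINCT %reservations%.id,%user%.username as username,creationdate,scheduledate,starttime,name,email,persons,duration,phone,remark FROM %reservations%,%user% WHERE scheduledate=? AND %reservations%.creator=%user%.id ORDER BY starttime";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
            $stmt->execute(array($scheduledDate));
            $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
            $resArray = array();
            foreach ($result as $row) {
                // scheduledate is 'YYYY-MM-DD HH:MM:SS'; split the date part back into its fields
                $datetimeparts = explode(" ", $row['scheduledate']);
                $thedateparts = explode("-", $datetimeparts[0]);
                $resArray[] = array(
                    "id" => $row['id'],
                    "creator" => $row['username'],
                    "creationdate" => $row['creationdate'],
                    "day" => $thedateparts[2],
                    "month" => $thedateparts[1],
                    "year" => $thedateparts[0],
                    "start" => $row['starttime'],
                    "guest" => $row['name'],
                    "email" => $row['email'],
                    "persons" => $row['persons'],
                    "duration" => $row['duration'],
                    "phone" => $row['phone'],
                    "remark" => $row['remark'],
                );
            }
            echo json_encode(array("status" => "OK", "msg" => $resArray));
        } catch (PDOException $e) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
        }
    }
}
?>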