dbutils = new DbUtils(); $this->queue = new QueueContent(); $this->commonUtils = new CommonUtils(); $this->userrights = new Userrights(); $this->histfiller = new HistFiller(); $this->sorter = new Sorter(); } function isCmdAllowed($rights) { if ($this->userrights->isCmdAllowedForUser($rights)) { return true; } else { echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG)); return false; } } function handleCommand($command) { $cmdArray = array('showDbProducts', 'getMenuLevelUp', 'applySingleProdData', 'createExtra', 'applyExtra', 'delExtra','sortup','sortdown', 'delproduct', 'reassign', 'applyType', 'delType', 'getSingleProdData', 'getSingleTypeData', 'getPriceLevelInfo','setPriceLevelInfo', 'createProduct','createProdType','addGeneralComment','changeGeneralComment','delGeneralComment','upGeneralComment','downGeneralComment'); if (in_array($command, $cmdArray)) { if (!($this->userrights->hasCurrentUserRight('right_products'))) { if ($command == 'createProdType') { echo json_encode(array("status" => "ERROR", "code" => ERROR_PRODUCTS_NOT_AUTHOTRIZED, "msg" => ERROR_PRODUCTS_NOT_AUTHOTRIZED_MSG)); } else { echo "Benutzerrechte nicht ausreichend!"; } return false; } } if($command == 'showDbProducts') { $this->showDbProducts(); } else if ($command == 'getMenu') { if ($this->isCmdAllowed(R_PRO)) { $this->getMenu($_GET['ref'],null); } } else if ($command == 'getMenuLevelUp') { $this->getMenuLevelUp($_GET['ref']); } else if ($command == 'getSpeisekarte') { if ($this->userrights->hasCurrentUserRight('is_admin') || ($this->userrights->hasCurrentUserRight('right_manager'))) { $pdo = DbUtils::openDbAndReturnPdoStatic(); echo json_encode($this->getSpeisekarte($pdo)); } else { echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG)); } } else if ($command == 'exportCsv') { if (($this->userrights->hasCurrentUserRight('is_admin')) || ($this->userrights->hasCurrentUserRight('right_manager'))) { $this->exportCsv(); } } else if ($command == 'getAllTypesAndAvailProds') { $this->getAllTypesAndAvailProds(); } else if ($command == 'getAllAvailProdsAlphaSorted') { $this->getAllAvailProdsAlphaSorted(); } else if ($command == 'getAllExtrasAlphaSorted') { $this->getAllExtrasAlphaSorted(); } else if ($command == 'getSingleProdData') { $pdo = DbUtils::openDbAndReturnPdoStatic(); $this->getSingleProdData($pdo,$_GET['id']); } else if ($command == 'getSingleTypeData') { $this->getSingleTypeData($_GET['id']); } else if ($command == 'applySingleProdData') { $extras = null; if(isset($_POST['extras'])) { $extras = $_POST['extras']; } $this->applySingleProdData($_POST['id'],$_POST['longname'],$_POST['shortname'],$_POST['priceA'],$_POST['priceB'],$_POST['priceC'],$_POST['tax'],$_POST['available'],$_POST['audioFile'],$_POST['changeExtras'],$extras,$_POST['favorite'],$_POST['assignextrastotype']); } else if ($command == 'createExtra') { $this->createExtra($_POST['name'],$_POST['price']); } else if ($command == 'delExtra') { $this->delExtra($_POST['id']); } else if ($command == 'applyExtra') { $this->applyExtra($_POST['name'],$_POST['price'],$_POST['id']); } else if ($command == 'sortup') { $this->sortup($_POST['prodid']); } else if ($command == 'sortdown') { $this->sortdown($_POST['prodid']); } else if ($command == 'delproduct') { $this->delproduct($_POST['prodid']); } else if ($command == 'createProduct') { $this->createProduct($_POST['longname'],$_POST['shortname'],$_POST['priceA'],$_POST['priceB'],$_POST['priceC'],$_POST['tax'],$_POST['available'],$_POST['prodTypeId'],$_POST['audioFile'],$_POST['favorite']); } else if ($command == 'reassign') { $this->reassign($_POST['productid'],$_POST['typeid']); } else if ($command == 'createProdType') { $this->createProdType($_POST['refid'],$_POST['name']); } else if ($command == 'applyType') { $this->applyType($_POST['id'],$_POST['name'],$_POST['kind'],$_POST['usekitchen'],$_POST['usesupply'],$_POST['printer']); } else if ($command == 'delType') { $this->delType($_POST['id']); } else if ($command == 'getPriceLevelInfo') { $this->getPriceLevelInfo(); } else if ($command == 'setPriceLevelInfo') { $this->setPriceLevelInfo($_POST['priceLevelId']); } else if ($command == 'getAudioFiles') { $this->getAudioFiles(); } else if ($command == 'addGeneralComment') { $this->addGeneralComment($_POST['comment']); } else if ($command == 'getAllGeneralComments') { if ($this->userrights->hasCurrentUserRight('is_admin') || ($this->userrights->hasCurrentUserRight('right_waiter')) || ($this->userrights->hasCurrentUserRight('right_products'))) { $this->getAllGeneralComments(); } else { echo "Fehlende Benutzerechte"; } } else if ($command == 'changeGeneralComment') { $this->changeGeneralComment($_POST['id'],$_POST['comment']); } else if ($command == 'delGeneralComment') { $this->delGeneralComment($_POST['id']); } else if ($command == 'upGeneralComment') { $this->upGeneralComment($_POST['id']); } else if ($command == 'downGeneralComment') { $this->downGeneralComment($_POST['id']); } else if ($command == 'getAssignedExtrasOfProd') { if ($this->isCmdAllowed(R_WAI | R_PRO)) { $this->getAssignedExtrasOfProd($_GET['prodid']); } } else { echo "Command not supported."; } } function getDateValueAsBoolInterpretatedIcon($aValue) { if ($aValue != '0' ) { $imgFile = "ok.png"; } else { $imgFile = "notavailable.png"; } return $imgFile; } private function getAllTypesAndAvailProds() { $pdo = DbUtils::openDbAndReturnPdoStatic(); $pdo->beginTransaction(); $sql = "select setting FROM %config% WHERE name=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array("pricelevel")); $row = $stmt->fetchObject(); $pricelevel = $row->setting; $priceTxt = "priceA"; if ($pricelevel == 2) { $priceTxt = "priceB"; } else if ($pricelevel == 3) { $priceTxt = "priceC"; } $sql = "select id,name,reference from %prodtype% where removed is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $result = $stmt->fetchAll(); $typeArray = array(); foreach($result as $row) { $ref = $row['reference']; if ($ref == null) { $ref = 0; } $typeArray[] = array("id" => $row['id'], "name" => $row['name'], "ref" => $ref); } $sql = "select id,shortname,longname,audio,category as ref,favorite,$priceTxt as price,IF(tax is not null, tax, 'null') as tax from %products% where available='1' AND removed is null ORDER BY sorting"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $result = $stmt->fetchAll(); $prodArray = array(); foreach($result as $row) { $ref = $row['ref']; if ($ref == null) { $ref = 0; } $audio = $row['audio']; if ($audio == null) { $audio = ""; } $fav = $row['favorite']; if ($fav == null) { $fav = 0; } $sql = "SELECT DISTINCT %extras%.id AS extraid,%extras%.name AS name FROM %extras%,%extrasprods% WHERE %extrasprods%.prodid=? AND %extras%.id=%extrasprods%.extraid AND %extras%.removed is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($row['id'])); $extras = $stmt->fetchAll(PDO::FETCH_OBJ); $prodArray[] = array("id" => $row['id'], "name" => $row['shortname'], "longname" => $row['longname'], "audio" => $audio, "ref" => $ref, "favorite" => $fav, "price" => $row['price'], "tax" => $row['tax'], "extras" => $extras); } $pdo->commit(); $retArray = array("types" => $typeArray, "prods" => $prodArray); echo json_encode($retArray); } /* * Return all available product with id and name, category * (used for re-assignment to type) */ function getAllAvailProdsAlphaSorted() { $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "select id,longname,category from %products% WHERE available='1' AND removed is null ORDER BY longname"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_OBJ); echo json_encode($result); } function getAllExtrasAlphaSorted() { $pdo = $this->dbutils->openDbAndReturnPdo(); $ret = $this->getAllExtrasAlphaSortedCore($pdo); echo json_encode(array("status" => "OK", "msg" => $ret)); } function getAllExtrasAlphaSortedCore($pdo) { $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "select id,name,price from %extras% WHERE removed is null ORDER BY name"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_OBJ); return $result; } /* * Return in array all products with their id and longname that have a reference to * the given category. * * The output is this: * ["id" => 1, "longname" => "Whatever Product"], * ["id" => 2, "longname" => "Whatever Other Product"], ... */ private function getProductsWithReferenz($pdo,$ref) { $prods = array(); $sql = "SELECT id,shortname,longname,priceA,priceB,priceC,IF(tax is not null, tax, 'null') as tax,available,audio from %products% where removed is null AND category is null ORDER BY sorting"; if ($ref > 0) { $sql = "SELECT id,shortname,longname,priceA,priceB,priceC,IF(tax is not null, tax, 'null') as tax,available,audio from %products% where removed is null AND category=$ref ORDER BY sorting"; } $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(); $result = $stmt->fetchAll(); foreach($result as $zeile) { $prod_entry = array( "id" => $zeile['id'], "shortname" => $zeile['shortname'], "longname" => $zeile['longname'], "available" => $zeile['available'], "priceA" => $zeile['priceA'], "priceB" => $zeile['priceB'], "priceC" => $zeile['priceC'], "tax" => $zeile['tax'], "audio" => ($zeile['audio'] == null ? '' : $zeile['audio']), "type" => "p"); $prods[] = $prod_entry; } return $prods; } private static function getAllSubTypes($pdo,$prodtypeid) { $sql = "SELECT id,reference FROM %prodtype% WHERE reference=? AND removed is null"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($prodtypeid)); $allSubTypes = $stmt->fetchAll(PDO::FETCH_OBJ); $subtypeids = array(); foreach ($allSubTypes as $aType) { $typeids = self::getAllSubTypes($pdo,$aType->id); $subtypeids = array_merge($subtypeids,$typeids); } return array_merge(array($prodtypeid),$subtypeids); } private static function getAllProdIdOfSameTypeAndBelow($pdo,$prodid) { $sql = "SELECT category FROM %products% WHERE id=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($prodid)); $row =$stmt->fetchObject(); $theType = $row->category; $allTypes = self::getAllSubTypes($pdo,$theType); $prodIds = array(); foreach ($allTypes as $aTypeId) { $sql = "SELECT id FROM %products% WHERE category=? AND removed is null"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($aTypeId)); $allProdIdsOfThisType = $stmt->fetchAll(PDO::FETCH_OBJ); foreach($allProdIdsOfThisType as $aProd) { $prodIds[] = $aProd->id; } } return $prodIds; } /* * Return in array all types with their id and name that have a reference to * the given category. * * The output is this: * ["id" => 1, "name" => "Meal"], * ["id" => 2, "name" => "Drinks"], ... */ private function getProdTypesWithReferenz($pdo,$ref) { $sql = "SELECT id,name,kind,usekitchen,usesupplydesk,printer,'t' as type from %prodtype% where removed is null AND reference is null"; if ($ref > 0) { $sql = "SELECT id,name,kind,usekitchen,usesupplydesk,printer,'t' as type from %prodtype% where removed is null AND reference=$ref"; } $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $types = $stmt->fetchAll(); return $types; } function showDbProducts() { $pdo = DbUtils::openDbAndReturnPdoStatic(); $productArray = $this->getDbProductsWithRef_json_version($pdo,0,0); echo json_encode($productArray); } private function getMenuLevelUp($ref) { // from which type does the current type reference to? $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "SELECT reference from %prodtype% where removed is null AND id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($ref)); $currentRef =$stmt->fetchObject(); $this->getMenu($currentRef->reference,$pdo); } private function getMenu($ref,$pdo) { if (is_null($pdo)) { $pdo = $this->dbutils->openDbAndReturnPdo(); } if (!is_null($ref) && ($ref>0)) { $sql = "SELECT id,name,kind,usekitchen,usesupplydesk,printer,'t' as type from %prodtype% where removed is null AND id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($ref)); $currentProdType =$stmt->fetchObject(); } else { $currentProdType = null; } if (!is_null($ref) && ($ref>0)) { $sql = "SELECT id,name,kind,usekitchen,usesupplydesk,printer,'t' as type from %prodtype% where removed is null AND reference=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($ref)); } else { $sql = "SELECT id,name,kind,usekitchen,usesupplydesk,printer,'t' as type from %prodtype% where removed is null AND reference is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); } $containedTypes = $stmt->fetchAll(PDO::FETCH_OBJ); if (!is_null($ref) && ($ref>0)) { $sql = "SELECT id,shortname,longname,priceA,priceB,priceC,IF(tax is not null, tax, 'null') as tax,available,favorite,audio,'p' as type from %products% where removed is null AND category=? ORDER BY sorting"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($ref)); } else { $sql = "SELECT id,shortname,longname,priceA,priceB,priceC,IF(tax is not null, tax, 'null') as tax,available,favorite,audio,'p' as type from %products% where removed is null AND category is null ORDER BY sorting"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); } $containedProds = $stmt->fetchAll(PDO::FETCH_OBJ); $msg = array("currentType" => $currentProdType,"containedTypes" => $containedTypes,"containedProds" => $containedProds); echo json_encode(array("status" => "OK", "msg" => $msg)); } function readDbProducts($pdo) { $speisekarte = $this->readDbProductsWithRef_json_version($pdo,0,0); $speisekarte .= $this->readExtrasFromDb($pdo); return $speisekarte; } function readExtrasFromDb($pdo) { if (is_null($pdo)) { $pdo = $this->dbutils->openDbAndReturnPdo(); } $sql = "SELECT id,name,price FROM %extras% WHERE removed is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_OBJ); $extrasTxt = ""; $decpoint = $this->getDecPoint($pdo); foreach ($result as $aRes) { $extrasTxt .= "!" . $aRes->name . " (ID:" . $aRes->id . ") #" ; $priceTxt = number_format($aRes->price, 2, $decpoint, ''); $extrasTxt .= $priceTxt; $sql = "SELECT prodid FROM %extrasprods% WHERE extraid=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($aRes->id)); $assignedProds = $stmt->fetchAll(PDO::FETCH_OBJ); $assProdArr = array(); foreach ($assignedProds as $anAssProd) { $assProdArr[] = "(" . $anAssProd->prodid . ")"; } $extrasTxt .= " ; " . join(",",$assProdArr) . "\n"; } return $extrasTxt; } private function getDecPoint($pdo) { $sql = "SELECT name,setting FROM %config% WHERE name=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array("decpoint")); $row = $stmt->fetchObject(); return($row->setting); } private function exportCsv() { $pdo = DbUtils::openDbAndReturnPdoStatic(); $decpoint = $this->getDecPoint($pdo); $file_name = "datenexport-produkte.csv"; header("Content-type: text/x-csv"); header("Content-Disposition: attachment; filename=$file_name"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Pragma: no-cache"); header("Expires: 0"); echo("Eintragsid; Datum ; Produktid; Kurzname; Langname; Preis (Stufe A); Preis (Stufe B);"); echo("Preis (Stufe C); Steuer; Verfügbarkeit; Favorit; Extras/Optionen; Beschreibung"); echo("\n"); $sql = "SELECT DISTINCT %hist%.id as id,date,"; $sql .= "prodid,shortname,longname,priceA,priceB,priceC,IF(tax is not null, tax, '-') as tax,available,favorite,extras,description "; $sql .= " FROM %hist%, %histprod%, %histactions% "; $sql .= " WHERE (refid=%histprod%.id) "; $sql .= " AND (action='1' OR action='4' OR action='5') "; $sql .= " AND (action=%histactions%.id) "; $sql .= " ORDER BY date,id"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(); $result = $stmt->fetchAll(); foreach($result as $zeile) { $val1 = $zeile['id']; $val2 = $zeile['date']; $val3 = $zeile['prodid']; $val4 = str_replace('"','""',$zeile['shortname']); $val5 = str_replace('"','""',$zeile['longname']); $val6 = str_replace(".",$decpoint,$zeile['priceA']); $val7 = str_replace(".",$decpoint,$zeile['priceB']); $val8 = str_replace(".",$decpoint,$zeile['priceC']); $val9 = str_replace(".",$decpoint,$zeile['tax']); $val10 = ($zeile['available'] == '1' ? "Ja" : "Nein"); $val11 = ($zeile['favorite'] == '1' ? "Ja" : "Nein"); $val12 = $zeile['extras']; $val13 = $zeile['description']; echo "$val1; $val2; $val3; \"$val4\"; \"$val5\"; $val6; $val7; $val8; $val9; $val10; $val11; $val12; $val13\n"; } } function getSingleProdData($pdo,$id) { if (is_numeric($id)) { $sql = "SELECT id,shortname,longname,priceA,priceB,priceC,IF(tax is not null, tax, 'null') as tax,available,audio,favorite from %products% where id=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($id)); $row = $stmt->fetchObject(); echo json_encode($row); } } function getSingleTypeData($id) { if (is_numeric($id)) { $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "SELECT id,name,usekitchen,usesupplydesk,kind,reference FROM %prodtype% WHERE removed is NULL AND id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($id)); $affectedRows = $stmt->rowCount(); if ($affectedRows == 1) { $row = $stmt->fetchObject(); echo json_encode(array("status" => "OK", "msg" => $row)); } } else { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } function reassign($prodid,$typeid) { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); // getSortingOfProduct $this->sorter->resortAfterProduct($pdo, $prodid); $sql = "UPDATE %products% SET category=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($typeid,$prodid)); $affectedRows = $stmt->rowCount(); $pdo->commit(); if ($affectedRows == 1) { // now declare as set to end to list $this->sorter->setMaxSortingForProdId($pdo, $prodid); echo json_encode(array("status" => "OK")); } else { echo json_encode(array("status" => "ERROR")); } } private function getMaxSortOfGenComment($pdo) { $sql = "SELECT MAX(sorting) as maxsort from %comments% WHERE prodid is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $row = $stmt->fetchObject(); $maxSorting = 0; if ($row != null) { $maxSorting = intval($row->maxsort); } return $maxSorting; } private function getAssignedExtrasOfProd($prodid) { $ret = $this->getAssignedExtrasOfProdCore($prodid,null); echo json_encode(array("status" => "OK", "msg" => $ret, "prodid" => $prodid)); } private function getAssignedExtrasOfProdCore($prodid,$pdo) { if (is_null($pdo)) { $pdo = $this->dbutils->openDbAndReturnPdo(); } $sql = "SELECT DISTINCT %extras%.id AS extraid FROM %extras%,%extrasprods% WHERE %extrasprods%.prodid=? AND %extras%.id=%extrasprods%.extraid AND %extras%.removed is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($prodid)); $result = $stmt->fetchAll(PDO::FETCH_OBJ); $ids = array(); foreach ($result as $aRes) { $ids[] = $aRes->extraid; } return $ids; } // to be called by manager-readSpeisekarte public static function createExtraCore($pdo,$name,$price,$assignedProdIds) { if (is_null($pdo)) { $pdo = DbUtils::openDbAndReturnPdoStatic(); } $sql = "SELECT id FROM %extras% WHERE name=? AND removed is null"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($name)); $numberOfExtras = $stmt->rowCount(); if ($numberOfExtras > 0) { return ERROR_NAME_EXISTS_ALREADY; } $sql = "INSERT INTO `%extras%` (`id`,`name`,`price`) VALUES(NULL,?,?)"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($name,$price)); $lastExtraId = $pdo->lastInsertId(); $sql = "DELETE FROM %extrasprods% WHERE id=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($lastExtraId)); foreach ($assignedProdIds as $assProdId) { $sql = "INSERT INTO %extrasprods% (`id` , `extraid` , `prodid`) VALUES (NULL,?,?)"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($lastExtraId,$assProdId)); $histextra = self::getExtrasForProd($pdo,$assProdId); self::updateHistOnlyForExtrasOfProd($pdo, $assProdId,$histextra); } return OK; } private function createExtra($name,$price) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $ret = self::createExtraCore($pdo,$name,$price,array()); if ($ret == ERROR_NAME_EXISTS_ALREADY) { echo json_encode(array("status" => "ERROR", "code" => ERROR_NAME_EXISTS_ALREADY, "msg" => ERROR_NAME_EXISTS_ALREADY_MSG)); $pdo->rollBack(); return; } $pdo->commit(); $this->getAllExtrasAlphaSorted(); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } private function applyExtra($name,$price,$id) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $sql = "SELECT id FROM %extras% WHERE name=? AND id <> ? AND removed is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($name,$id)); $numberOfExtras = $stmt->rowCount(); if ($numberOfExtras > 0) { echo json_encode(array("status" => "ERROR", "code" => ERROR_NAME_EXISTS_ALREADY, "msg" => ERROR_NAME_EXISTS_ALREADY_MSG, "id" => $id)); $pdo->rollBack(); return; } $sql = "UPDATE %extras% SET name=?, price=? WHERE id=? AND removed is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($name,$price,$id)); $numberOfExtras = $stmt->rowCount(); if ($numberOfExtras != 1) { echo json_encode(array("status" => "ERROR", "code" => DB_NOT_CHANGED, "msg" => DB_NOT_CHANGED_MSG, "id" => $id)); $pdo->rollBack(); return; } $pdo->commit(); $this->getAllExtrasAlphaSorted(); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG, "id" => $id)); } } private function delExtra($id) { // TODO: hist! // TODO: extrasprods cleanen try { $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "UPDATE %extras% SET removed='1' WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($id)); $this->getAllExtrasAlphaSorted(); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } /** * Add a new comment to the list of general comments that are not bound to a product * @param string $comment */ private function addGeneralComment($comment) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); // what is the max sort number because it shall be added afterwards $maxSorting = $this->getMaxSortOfGenComment($pdo); // insert the comment $sql = "INSERT INTO `%comments%` (`id`,`comment`,`prodid`,`active`,`sorting`) VALUES(NULL,?,NULL,1,?)"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($comment,$maxSorting+1)); $pdo->commit(); echo json_encode(array("status" => "OK")); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } private function getAllGeneralComments() { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "SELECT id,comment,sorting FROM %comments% WHERE prodid is null ORDER BY sorting ASC"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(); $result = $stmt->fetchAll(); $commentArray = array(); foreach($result as $row) { $commentArray[] = array("id" => $row['id'], "comment" => $row['comment'], "sorting" => $row['sorting']); } echo json_encode(array("status" => "OK", "msg" => $commentArray)); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } private function changeGeneralComment($id,$comment) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $sql = "UPDATE %comments% SET comment=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($comment,$id)); echo json_encode(array("status" => "OK")); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } private function getSortingOfComment($pdo,$id) { $sql = "SELECT sorting FROM %comments% WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($id)); $row = $stmt->fetchObject(); if ($row == null) { return (-1); } else { return intval($row->sorting); } } private function delGeneralComment($id) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); // which sorting has the comment to delete? $sorting = $this->getSortingOfComment($pdo, $id); if ($sorting < 0) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); return; } // delete the comment $sql = "DELETE FROM %comments% WHERE id=? AND prodid is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($id)); // subtract all sortings by one higher then the deleted sorting index $sql = "SELECT id,sorting FROM %comments% WHERE sorting>? AND prodid is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting)); $result = $stmt->fetchAll(); $commentsToUpdate = array(); foreach($result as $row) { $theId = $row['id']; $theSort = intval($row['sorting'])-1; $sql = "UPDATE %comments% SET sorting=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($theSort,$theId)); } $pdo->commit(); echo json_encode(array("status" => "OK")); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } private function upGeneralComment($id) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); // which sorting has the comment to delete? $sorting = $this->getSortingOfComment($pdo, $id); if ($sorting < 0) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); return; } if ($sorting == 1) { // finished $pdo->commit(); echo json_encode(array("status" => "OK")); return; } // get comment before $sql = "SELECT id FROM %comments% WHERE sorting=? AND prodid is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting - 1)); $row = $stmt->fetchObject(); $previousId = $row->id; // change these two comments in its ordering $sql = "UPDATE %comments% SET sorting=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting,$previousId)); $sql = "UPDATE %comments% SET sorting=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting-1,$id)); $pdo->commit(); echo json_encode(array("status" => "OK")); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } private function downGeneralComment($id) { try { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); // which sorting has the comment to delete? $sorting = $this->getSortingOfComment($pdo, $id); if ($sorting < 0) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); return; } // is it at end of list? $maxSorting = $this->getMaxSortOfGenComment($pdo); if (($maxSorting == 0) || ($maxSorting == $sorting)) { // finished $pdo->commit(); echo json_encode(array("status" => "OK")); return; } // get comment afterwards $sql = "SELECT id FROM %comments% WHERE sorting=? AND prodid is null"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting + 1)); $row = $stmt->fetchObject(); $nextId = $row->id; // change these two comments in its ordering $sql = "UPDATE %comments% SET sorting=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting,$nextId)); $sql = "UPDATE %comments% SET sorting=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($sorting+1,$id)); $pdo->commit(); echo json_encode(array("status" => "OK")); } catch (PDOException $e) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); } } function sortup($prodid) { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $this->sorter->sortup($pdo, $prodid); $pdo->commit(); echo json_encode("OK"); } function sortdown($prodid) { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $this->sorter->sortdown($pdo, $prodid); $pdo->commit(); echo json_encode("OK"); } function delproduct($prodid) { $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $this->sorter->delproduct($pdo, $prodid); $pdo->commit(); echo json_encode("OK"); } function applySingleProdData($id,$longname,$shortname,$priceA,$priceB,$priceC,$tax,$available,$audioFile,$changeExtras,$extras,$favorite,$assignextrastotype) { if (!is_numeric($id) || !is_numeric($available) || !is_numeric($favorite) ||!is_numeric($priceA) || !is_numeric($priceB) || !is_numeric($priceC) || (!is_numeric($tax) && ($tax != "null")) ) { return; } if ($tax == "null") { $tax = null; } if ($audioFile == '') { $audioFile = null; } $updateSql = "UPDATE %products% SET shortname=?, longname=?, priceA=?, priceB=?, priceC=?, tax=?, available=?, audio=?, favorite=? WHERE id=?"; $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($updateSql)); $stmt->execute(array($shortname,$longname,$priceA,$priceB,$priceC,$tax,$available,$audioFile,$favorite,$id)); if ($assignextrastotype == 0) { if ($changeExtras == 1) { $this->changeExtraAssignment($pdo, $id, $extras); } // now this has to be logged in the history tables... HistFiller::updateProdInHist($pdo,$id); } else { $prodids = self::getAllProdIdOfSameTypeAndBelow($pdo,$id); foreach ($prodids as $aProdId) { $this->changeExtraAssignment($pdo, $aProdId, $extras); $histextra = self::getExtrasForProd($pdo,$aProdId); self::updateHistOnlyForExtrasOfProd($pdo, $aProdId,$histextra); } } $pdo->commit(); $this->getSingleProdData($pdo,$id); } private static function updateHistOnlyForExtrasOfProd($pdo,$aProdId,$histextra) { HistFiller::updateProdInHist($pdo, $aProdId); } function changeExtraAssignment($pdo,$prodid,$extras) { $sql = "DELETE FROM %extrasprods% WHERE prodid=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($prodid)); $histextra = ""; if (!is_null($extras) && ($extras != "")) { $sql = "INSERT INTO %extrasprods% (`id` , `extraid` , `prodid`) VALUES (NULL,?,?)"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); foreach($extras as $anExtra) { $stmt->execute(array($anExtra,$prodid)); } } } private static function getExtrasForProd($pdo,$prodid) { $sql = "SELECT DISTINCT %extras%.name as extraname from %extras%,%extrasprods% where %extras%.removed is null AND %extrasprods%.extraid=%extras%.id AND %extrasprods%.prodid=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array($prodid)); $result = $stmt->fetchAll(); $extraArr = array(); if (count($result) == 0) { return ""; } else { foreach($result as $row) { $extraArr[] = $row['extraname']; } return(implode(", ", $extraArr)); } } function createProdType($id,$prodTypeName) { if (!is_numeric($id)) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_ID_TYPE, "msg" => ERROR_GENERAL_ID_TYPE_MSG)); return; } $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); // which kind is the referenced type? $sql = "SELECT kind FROM %prodtype% WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($id)); $row =$stmt->fetchObject(); if ($row == null) { echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG)); return; } $kind = $row->kind; $sql = "INSERT INTO `%prodtype%` (`id`,`name`,`usekitchen`,`usesupplydesk`,`kind`,`printer`,`sorting`,`reference`) "; $sql .= " VALUES(NULL,?,1,1,?,1,NULL,?)"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($prodTypeName,$kind,$id)); $pdo->commit(); echo json_encode(array("status" => "OK")); } function createProduct($longname,$shortname,$priceA,$priceB,$priceC,$tax,$available,$typeId,$audioFile,$favorite) { if (!is_numeric($typeId) || !is_numeric($available) || !is_numeric($favorite)|| !is_numeric($priceA) || !is_numeric($priceB) || !is_numeric($priceC)) { return; } if ($tax == "null") { $tax = null; } if ($audioFile == '') { $audioFile = null; } if (trim($shortname) == "") { $shortname = $longname; } $sql = "INSERT INTO `%products%` (`id`, `shortname`, `longname`, `priceA`, `priceB`, `priceC`, `tax`, `category`,`favorite`,`available`,`audio`) VALUES (NULL,?,?,?,?,?,?,?,?,?,?)"; $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql)); $stmt->execute(array($shortname,$longname,$priceA,$priceB,$priceC,$tax,$typeId,$favorite,$available,$audioFile)); $newProdId = $pdo->lastInsertId(); $this->sorter->setMaxSortingForProdId($pdo, $newProdId); $pdo->commit(); // now this has to be logged in the history tables... HistFiller::createProdInHist($pdo, $newProdId); echo json_encode("OK: sql"); } /* * Change the properties of a type of products */ function applyType($id,$name,$kind,$usekitchen,$usesupply,$printer) { if (!is_numeric($id) || !is_numeric($kind) || !is_numeric($usekitchen) || !is_numeric($usesupply) || !is_numeric($printer)) { return; } $pdo = $this->dbutils->openDbAndReturnPdo(); $updateSql = "UPDATE %prodtype% SET kind=?, name=?, usekitchen=?, usesupplydesk=?, printer=? WHERE id=?"; $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($updateSql)); $stmt->execute(array($kind,$name,$usekitchen,$usesupply,$printer,$id)); echo json_encode("OK: $updateSql"); } function delType($id) { if (!is_numeric($id)) { echo json_encode(array("status" => "FAILED")); } $pdo = $this->dbutils->openDbAndReturnPdo(); $pdo->beginTransaction(); $this->delTypeCore($pdo, $id); $pdo->commit(); echo json_encode(array("status" => "OK")); } function delTypeCore($pdo,$id) { $allTypesInThisLevel = $this->getProdTypesWithReferenz($pdo,$id); foreach ($allTypesInThisLevel as $aType) { $this->delTypeCore($pdo, $aType["id"]); } $allProdsInThisLevel = $this->getProductsWithReferenz($pdo,$id); foreach ($allProdsInThisLevel as $aProd) { self::declareProductAsDeletedWithoutResort($pdo, $aProd["id"]); } self::declareTypeAsDeleted($pdo, $id); } static private function declareTypeAsDeleted($pdo,$id) { $sql = "UPDATE %prodtype% SET removed=? WHERE id=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array(1,$id)); } static private function declareProductAsDeletedWithoutResort($pdo,$id) { $sql = "UPDATE %products% SET removed=? WHERE id=?"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(array(1,$id)); } /* * Return a html table with all products in a structured way */ private function getDbProductsWithRef_json_version($pdo,$ref,$depth) { $allProdsAndTypesInThisLevel = array(); $allProdsInThisLevel = $this->getProductsWithReferenz($pdo,$ref); $allTypesInThisLevel = $this->getProdTypesWithReferenz($pdo,$ref); for ($index_prod=0;$index_prod $aProd, "content" => ''); } for ($index_type=0;$index_type < count($allTypesInThisLevel);$index_type++) { $aProdType = $allTypesInThisLevel[$index_type]; $typeRef = $aProdType['id']; $allProdsAndTypesInThisLevel[] = array("entry" => $aProdType,"content" => $this->getDbProductsWithRef_json_version($pdo,$typeRef,$depth+1)); } return $allProdsAndTypesInThisLevel; } // return in text format private function readDbProductsWithRef_json_version($pdo,$ref,$depth) { $decpoint = $this->getDecPoint($pdo); $text = ""; $allProdsInThisLevel = $this->getProductsWithReferenz($pdo,$ref); $allTypesInThisLevel = $this->getProdTypesWithReferenz($pdo,$ref); for ($index_prod=0;$index_prodreadDbProductsWithRef_json_version($pdo,$typeRef,$depth+1); } return $text; } private function getPriceLevelInfo() { $pdo = DbUtils::openDbAndReturnPdoStatic(); if(session_id() == '') { session_start(); } $lang = $_SESSION['language']; $currentPriceLevel = $this->commonUtils->getCurrentPriceLevel($pdo); $currentPriceLevelId = $currentPriceLevel["id"]; $currentPriceLevelName = $currentPriceLevel["name"]; $pricelevels = array(); $sql = "SELECT id,name,info FROM %pricelevel%"; if ($lang == 1) { $sql = "SELECT id,name,info_en as info FROM %pricelevel%"; } else if ($lang == 2) { $sql = "SELECT id,name,info_esp as info FROM %pricelevel%"; } $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(); $result = $stmt->fetchAll(); foreach($result as $zeile) { $theId = $zeile['id']; $selected = "0"; if ($theId == $currentPriceLevelId) { $selected = "1"; } $levels_entry = array( "id" => $theId, "name" => $zeile['name'], "info" => $zeile['info'], "selected" => $selected); $pricelevels[] = $levels_entry; } $retArray = array("currentId" => $currentPriceLevelId, "currentName" => $currentPriceLevelName, "levels" => $pricelevels); echo json_encode($retArray); } private function setPriceLevelInfo($levelId) { if (is_numeric($levelId)) { $pdo = DbUtils::openDbAndReturnPdoStatic(); $updateSql = "UPDATE %config% SET setting=? WHERE name='pricelevel'"; $stmt = $pdo->prepare(DbUtils::substTableAlias($updateSql)); $stmt->execute(array($levelId)); echo json_encode("OK"); } } public function getSpeisekarte($pdo) { $legend = file_get_contents("../customer/menulegend.txt"); $decpoint = $this->getDecPoint($pdo); $sql = "SELECT * FROM %products% WHERE removed is null"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(); $numberOfProds = $stmt->rowCount(); $sql = "SELECT * FROM %prodtype% WHERE removed is null"; $stmt = $pdo->prepare(DbUtils::substTableAlias($sql)); $stmt->execute(); $numberOfProdTypes = $stmt->rowCount(); $predef = file_get_contents ("../customer/speisekarte.txt"); $predef = str_replace('{.}',$decpoint,$predef); if (($numberOfProds == 0) && ($numberOfProdTypes == 0)) { // no products defined yet - present Beispiel $text = $legend; } else { $text = $legend . $this->readDbProducts($pdo); } return array("status" => "OK","msg" => $text, "predef" => $predef); } private function endsWith($haystack, $needle) { return $needle === "" || substr($haystack, -strlen($needle)) === $needle; } private function getAudioFiles() { $dir = '../customer'; $fileList = scandir($dir); $audioFiles = array(); foreach ($fileList as $aFile) { if ($this->endsWith($aFile, '.mp3') || $this->endsWith($aFile, '.ogg') || $this->endsWith($aFile, '.wav')) { $audioFiles[] = $aFile; } } echo json_encode($audioFiles); } } ?>