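dbutils = new DbUtils(); require_once 'translations.php'; }

    /**
     * Dispatch a request command to its handler after checking the rights of
     * the logged-in user.
     *
     * Every branch checks the session rights first; an unauthorised caller only
     * gets an error reply. The request parameters are read from $_GET / $_POST
     * here and handed on unvalidated, so each handler has to treat its
     * arguments as untrusted input.
     *
     * @param string $command name of the requested action
     */
    function handleCommand($command)
    {
        if ($command === 'exportCsv') {
            if (!$this->hasCurrentUserAdminOrManagerRights()) {
                echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_AUTHOTRIZED, "msg" => ERROR_BILL_NOT_AUTHOTRIZED_MSG));
                return;
            }
            // yes, we can export the data
            $this->exportCsv($_GET['startMonth'], $_GET['startYear'], $_GET['endMonth'], $_GET['endYear']);
            return;
        }

        if ($command === 'exportPdfReport') {
            if (!$this->hasCurrentUserAdminOrManagerRights()) {
                echo "Benutzer nicht berechtigt";
                return;
            }
            $this->exportPdfReport($_GET['lang'], $_GET['startMonth'], $_GET['startYear'], $_GET['endMonth'], $_GET['endYear']);
            return;
        }

        if ($command === 'exportPdfSummary') {
            if (!$this->hasCurrentUserAdminOrManagerRights()) {
                echo "Benutzer nicht berechtigt";
                return;
            }
            $this->exportPdfSummary($_GET['lang'], $_GET['startMonth'], $_GET['startYear'], $_GET['endMonth'], $_GET['endYear']);
            return;
        }

        if ($command === 'exportCsvOfClosing') {
            if (!$this->hasCurrentUserAdminOrManagerRights()) {
                echo json_encode(array("status" => "ERROR", "code" => ERROR_MANAGER_NOT_AUTHOTRIZED, "msg" => ERROR_MANAGER_NOT_AUTHOTRIZED_MSG));
                return;
            }
            // yes, we can export the data
            $this->exportCsvOfClosing($_GET['closingid']);
            return;
        }

        if ($command === 'doCashAction') {
            if (!$this->hasCurrentUserPaydeskRights()) {
                echo json_encode(array("status" => "ERROR", "code" => ERROR_PAYDESK_NOT_AUTHOTRIZED, "msg" => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG));
                return;
            }
            $this->doCashAction($_POST['money']);
            return;
        }

        if ($command === 'getCashOverviewOfUser') {
            if (!$this->hasCurrentUserPaydeskRights()) {
                echo json_encode(array("status" => "ERROR", "code" => ERROR_PAYDESK_NOT_AUTHOTRIZED, "msg" => ERROR_PAYDESK_NOT_AUTHOTRIZED_MSG));
                return;
            }
            $this->getCashOverviewOfUser();
            return;
        }

        // everything else needs the bill right; an unknown command from an
        // authorised user produces no output at all
        if (!$this->hasCurrentUserBillRights()) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_AUTHOTRIZED, "msg" => ERROR_BILL_NOT_AUTHOTRIZED_MSG));
            return;
        }
        if ($command === 'getLastBillsWithContent') {
            $this->getLastBillsWithContent($_GET['day'], $_GET['month'], $_GET['year']);
        } else if ($command === 'cancelBill') {
            $this->cancelBill($_POST['billid'], $_POST['stornocode']);
        }
    }

    /**
     * Tell whether the session belongs to a logged-in user holding the bill right.
     *
     * For internal requests. The session is only started when none is active,
     * the same way getUserId() does it, so a second rights check in one request
     * does not call session_start() again.
     *
     * @return mixed false when nobody is logged in, otherwise the stored 'right_bill' flag
     */
    private function hasCurrentUserBillRights()
    {
        if (session_id() == '') {
            session_start();
        }
        if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
            // no user logged in
            return false;
        }
        return ($_SESSION['right_bill']);
    }

    /**
     * Tell whether the session belongs to a logged-in user holding the paydesk right.
     *
     * @return mixed false when nobody is logged in, otherwise the stored 'right_paydesk' flag
     */
    private function hasCurrentUserPaydeskRights()
    {
        if (session_id() == '') {
            session_start();
        }
        if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
            // no user logged in
            return false;
        }
        return ($_SESSION['right_paydesk']);
    }

    /**
     * Tell whether the session belongs to a logged-in manager or administrator.
     *
     * For internal requests.
     *
     * @return mixed false when nobody is logged in, otherwise the manager-or-admin flag
     */
    private function hasCurrentUserAdminOrManagerRights()
    {
        if (session_id() == '') {
            session_start();
        }
        if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
            // no user logged in
            return false;
        }
        return ($_SESSION['right_manager'] || $_SESSION['is_admin']);
    }

    /**
     * Get the content of a bill (to be used for printserver etc.).
     *
     * The bill signature is verified first. On a verification failure an error
     * JSON is echoed and nothing is returned; when the bill row cannot be
     * loaded an empty "billoverallinfo" JSON is echoed and nothing is returned.
     *
     * This method is public and does no rights check of its own, so the caller
     * has to have authorised the request before passing a bill id in.
     *
     * @param mixed $billid   id of the bill, only ever passed as a bound parameter
     * @param mixed $language index into the P_* translation tables
     * @param mixed $printer  value copied unchanged into the result
     * @return array|null overall info, translations, products and taxes of the bill
     */
    function getBillWithId($billid, $language, $printer)
    {
        set_time_limit(120);
        $pdo = $this->dbutils->openDbAndReturnPdo();

        // is bill correct with signature?
        $commonUtils = new CommonUtils();
        if (!$commonUtils->verifyBill($pdo, $billid)) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
            return;
        }

        // first: get the bill overall data
        // is the bill for a table or togo
        $sql = "SELECT tableid FROM %bill% WHERE id=?";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($billid));
        $row = $stmt->fetchObject();
        // fetchObject() gives false for a missing row; that case keeps taking
        // the togo path, as before, but without reading a property of false
        $isTogo = (!$row || $row->tableid == 0);

        $sql = "SELECT count(id) as countid FROM %queue% WHERE billid=?";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($billid));
        $qrow = $stmt->fetchObject();

        if ($qrow->countid == 0) {
            if ($isTogo) {
                // togo
                $sql = "SELECT DISTINCT billdate,brutto,netto,'-' as tablename,username,host FROM %bill%,%user% WHERE %bill%.id=? AND userid=%user%.id AND tableid='0' ";
            } else {
                $sql = "SELECT DISTINCT billdate,brutto,netto,tableno as tablename,username,host FROM %bill%,%user%,%resttables% WHERE %bill%.id=? AND userid=%user%.id AND tableid=%resttables%.id ";
            }
        } else {
            if ($isTogo) {
                // togo
                $sql = "SELECT DISTINCT billdate,brutto,netto,'-' as tablename,username,host FROM %bill%,%user%,%queue% WHERE %bill%.id=? AND %bill%.id=%queue%.billid AND userid=%user%.id AND tableid='0' AND paidtime is not null ";
            } else {
                $sql = "SELECT DISTINCT billdate,brutto,netto,tableno as tablename,username,host FROM %bill%,%user%,%resttables%,%queue% WHERE %bill%.id=? AND %bill%.id=%queue%.billid AND userid=%user%.id AND tableid=%resttables%.id AND paidtime is not null ";
            }
        }
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($billid));
        $row = $stmt->fetchObject();

        if ($row == null) {
            // no rows found -> deliver no content
            echo json_encode(array("billoverallinfo" => array()));
            return;
        }

        $host = is_null($row->host) ? 0 : $row->host; // 0 is the default

        // billdate is split at ' ', '-' and ':' into its date and time parts
        $thetimedate_arr = explode(' ', $row->billdate);
        $datearr = explode('-', $thetimedate_arr[0]);
        $day = sprintf("%02s", $datearr[2]);
        $month = sprintf("%02s", $datearr[1]);
        $year = sprintf("%04s", $datearr[0]);
        $thetimearr = explode(':', $thetimedate_arr[1]);
        $hour = $thetimearr[0];
        $min = $thetimearr[1];
        $thetimedate = "$day.$month.$year $hour:$min";

        $billoverallinfo = array(
            "id" => $billid,
            "billdate" => $thetimedate,
            "billday" => $day,
            "billmonth" => $month,
            "billyear" => $year,
            "billhour" => $hour,
            "billmin" => $min,
            "brutto" => $row->brutto,
            "netto" => $row->netto,
            "table" => $row->tablename,
            "username" => $row->username,
            "printer" => $printer,
            "host" => $host
        );
        $billtranslations = array(
            "sum" => $this->P_SUM[$language],
            "total" => $this->P_TOTAL[$language],
            "mwst" => $this->P_MWST[$language],
            "netto" => $this->P_NETTO[$language],
            "brutto" => $this->P_BRUTTO[$language],
            "id" => $this->P_ID[$language],
            "table" => $this->P_TABLE[$language],
            "waiter" => $this->P_WAITER[$language],
            "no" => $this->P_NO[$language],
            "descr" => $this->P_DESCR[$language],
            "price" => $this->P_PRICE[$language]
        );

        // now get all products of this bill
        $sql = "select productname,price,%pricelevel%.name as pricelevelname,count(%queue%.productname) as count from %bill%,%queue%,%pricelevel% where %bill%.id=? and %queue%.billid=%bill%.id AND paidtime is not null AND %queue%.pricelevel = %pricelevel%.id group by productname,price,pricelevelname";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($billid));
        $prodarray = array();
        foreach ($stmt->fetchAll() as $zeile) {
            $prodarray[] = array(
                "count" => $zeile['count'],
                "productname" => $zeile['productname'],
                "pricelevel" => $zeile['pricelevelname'],
                "price" => $zeile['price']
            );
        }

        // tax, net and gross sums per tax rate
        $sql = "select tax,round(sum(price) - sum(price / (1.0 + tax/100.0)),2) as mwst, round(sum(price / (1.0 + tax/100.0)),2) as netto, sum(price) as brutto FROM %queue% WHERE billid=? group by tax ORDER BY tax";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($billid));
        $taxes = $stmt->fetchAll(PDO::FETCH_OBJ);

        return array(
            "billoverallinfo" => $billoverallinfo,
            "translations" => $billtranslations,
            "products" => $prodarray,
            "taxes" => $taxes
        );
    }

    /*
     * insert or take out cash money.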
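* The direction is given by the sign of the $money value.
     *
     * The entry is written as a bill row with status 'c' inside one transaction.
     * It is refused when $money is not numeric, when the open cash sum would
     * become negative, or when the next bill id fails the work-table check.
     * Every refusal rolls the transaction back and returns before the signed
     * INSERT, so a failed check can no longer be followed by a commit.
     *
     * $money arrives straight from the request (see handleCommand) and is
     * untrusted; it is only used as a bound parameter and for the signature.
     */
    private function doCashAction($money)
    {
        if (!is_numeric($money)) {
            // the value is signed and stored as brutto/netto; never book a non-number
            echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_WRONG_NUMERIC_VALUE, "msg" => ERROR_BILL_WRONG_NUMERIC_VALUE_MSG));
            return;
        }

        // current time
        date_default_timezone_set(DbUtils::getTimeZone());
        $currentTime = date('Y-m-d H:i:s');

        $pdo = $this->dbutils->openDbAndReturnPdo();
        $pdo->beginTransaction();

        $sql = "SELECT sum(brutto) as bruttosum FROM %bill% WHERE closingid is null AND paymentid='1'";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();
        $row = $stmt->fetchObject();

        if ($row == null) {
            $pdo->rollBack();
            echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_PAYDESK_SUM, "msg" => ERROR_GENERAL_PAYDESK_SUM_MSG));
            return;
        }

        // a null sum means: no transaction after the last closing
        $sum = is_null($row->bruttosum) ? 0.0 : $row->bruttosum;

        if (($sum + floatval($money)) < 0.0) {
            // more money would be taken out than the paydesk holds
            $pdo->rollBack();
            echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_LESS_MONEY_TO_TAKE_OUT, "msg" => ERROR_BILL_LESS_MONEY_TO_TAKE_OUT_MSG));
            return;
        }

        // Test if it is allowed to insert new bill as storno bill or if manipulation has happened
        $nextbillid = $this->testForNewBillIdAndUpdateWorkTable($pdo);
        if ($nextbillid < 0) {
            $pdo->rollBack();
            echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
            // stop here: without this return the row below was still inserted
            // with the negative id and commit() was called after the rollback
            return;
        }

        $userId = $this->getUserId();

        // now calculate the signature for the bill entry
        $commonUtils = new CommonUtils();
        $signature = $commonUtils->calcSignatureForBill($pdo, $currentTime, $money, $money, 0.0, $userId);

        $sql = "INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tax`,`tableid`, `status`, `paymentid`,`userid`,`ref`,`signature`) VALUES ( ?, ? , ?,?,?, ?, 'c', ?,?,?,?)";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($nextbillid, $currentTime, $money, $money, '0.00', -1, 1, $userId, NULL, $signature));
        $pdo->commit();

        echo json_encode(array("status" => "OK"));
    }

    /*
     * User may ask what money he should have in his pocket by serving the guests.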
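* If the inserts and take outs are in his waiter paydesk then this value is
     * of interest, too. Return both.
     *
     * Echoes a JSON object with "guestmoney" (cash bills only) and "total"
     * (cash bills plus cash inserts and take outs, status 'c'). The user id is
     * passed as a bound parameter instead of being written into the SQL text.
     */
    function getCashOverviewOfUser()
    {
        $userId = $this->getUserId();
        $pdo = $this->dbutils->openDbAndReturnPdo();

        // without cash insert and cash takeout
        $onlyCashByGuests = 0.0;
        $sql = "SELECT sum(brutto) as sumtotal FROM %bill% WHERE closingid is null AND status is null AND paymentid=1 AND userid=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($userId));
        $row = $stmt->fetchObject();
        if ($row != null && $row->sumtotal != null) {
            $onlyCashByGuests = $row->sumtotal;
        }

        // with cash
        $cashByGuestsAndInsertTakeOut = 0.0;
        $sql = "SELECT sum(brutto) as sumtotal FROM %bill% WHERE closingid is null AND paymentid='1' AND userid=? AND (status is null OR status ='c')";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($userId));
        $row = $stmt->fetchObject();
        if ($row != null && $row->sumtotal != null) {
            $cashByGuestsAndInsertTakeOut = $row->sumtotal;
        }

        echo json_encode(array("guestmoney" => $onlyCashByGuests, "total" => $cashByGuestsAndInsertTakeOut));
    }

    /**
     * Echo all regular bills (table id >= 0, no status) of one day, newest
     * first, each with its full content, as JSON.
     *
     * The signature of every bill is verified; the first bill that fails ends
     * the request with an ERROR_INCONSISTENT_DB reply. The date parts come from
     * the request and only reach the database as bound parameters.
     *
     * @param mixed $day   day of month
     * @param mixed $month month
     * @param mixed $year  year
     */
    function getLastBillsWithContent($day, $month, $year)
    {
        date_default_timezone_set(DbUtils::getTimeZone());

        $startDate = "$year-$month-$day 00:00:00";
        $endDate = "$year-$month-$day 23:59:59";
        $whenClause = " (billdate >= ? AND billdate <= ?)";

        // search for the bill language
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $admin = new Admin();
        $genValues = $admin->getGeneralConfigItems(false, $pdo);
        $l = $genValues['billlanguage'];

        $commonUtils = new CommonUtils();

        $sql = "SELECT id,billdate,brutto,tableid,closingid,status FROM %bill% WHERE tableid >= '0' AND status is null AND $whenClause ORDER BY billdate DESC ";
        $stmt = $pdo->prepare(DbUtils::substTableAlias($sql));
        $stmt->execute(array($startDate, $endDate));

        $resultarray = array();
        foreach ($stmt->fetchAll() as $zeile) {
            $theId = $zeile['id'];

            if (!$commonUtils->verifyBill($pdo, $theId)) {
                // the mysqli_free_result() call that used to sit here worked on
                // a variable this method never sets; the PDO result needs none
                echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
                return;
            }

            date_default_timezone_set(DbUtils::getTimeZone());
            $date = new DateTime($zeile['billdate']);

            $resultarray[] = array(
                "id" => $theId,
                "longdate" => $zeile['billdate'],
                "shortdate" => $date->format('H:i'),
                "brutto" => $zeile['brutto'],
                "tablename" => $commonUtils->getTableNameFromId($zeile['tableid']),
                // NOTE(review): getBillWithId() echoes its own JSON and returns
                // nothing on failure, which would precede the reply built here
                "billcontent" => $this->getBillWithId($theId, $l, 0),
                "isClosed" => (is_null($zeile['closingid']) ? 0 : 1)
            );
        }

        // insert also the host-html just in case it is needed
        $hosthtml = file_get_contents("../customer/bon-bewirtungsvorlage.html");

        ob_start();
        echo json_encode(array("status" => "OK", "code" => OK, "msg" => $resultarray, "hosthtml" => $hosthtml));
        ob_end_flush();
    }

    /**
     * Return the user id stored in the session, starting the session when
     * none is active yet.
     */
    private function getUserId()
    {
        if (session_id() == '') {
            session_start();
        }
        return $_SESSION['userid'];
    }

    /**
     * Test if it is allowed to insert new bill as storno bill or if manipulation has happened
     *
     * Returns (-1) in case of an error, a positive return value is the new id, (which is already updated in work table)
     *
     * @param PDO $pdo open connection, normally inside the caller's transaction
     */
    private function testForNewBillIdAndUpdateWorkTable($pdo)
    {
        $commonUtils = new CommonUtils();

        $sql = "SELECT MAX(id) as maxbillid FROM %bill%";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();
        $row = $stmt->fetchObject();
        $nextbillid = intval($row->maxbillid) + 1;

        if (!$commonUtils->verifyLastBillId($pdo, $nextbillid)) {
            return (-1);
        }
        // ok - then increment that last id in the work table
        $commonUtils->setLastBillIdInWorkTable($pdo, $nextbillid);
        return $nextbillid;
    }

    /*
     * Cancel a bill - set all queue items to not paid and drop the bill entry
     *
     * The caller has to supply the storno code stored in the config table.
     * The code is compared as a string: the former loose "!=" compared two
     * numeric strings by value, so a different spelling of the same number
     * (leading zero, exponent form) was accepted as the right code.
     *
     * The bill itself is not deleted: it gets status 'x', and a signed copy
     * with negated amounts and status 's' is inserted that refers to it.
     * $billid and $stornocode come from the request and are untrusted.
     */
    private function cancelBill($billid, $stornocode)
    {
        // current time
        date_default_timezone_set(DbUtils::getTimeZone());
        $currentTime = date('Y-m-d H:i:s');

        // check if stornocode is correct
        $sql = "SELECT setting FROM %config% WHERE name='stornocode'";
        $dbresult = $this->dbutils->performSqlCommand($sql);
        $numberOfVals = mysqli_num_rows($dbresult);
        if ($numberOfVals != 1) {
            // stornocode not fixed
            mysqli_free_result($dbresult);
            echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_NOT_STORNO_CODE, "msg" => ERROR_BILL_NOT_STORNO_CODE_MSG));
            return;
        }
        // MYSQLI_ASSOC belongs to the mysqli API used here; MYSQL_ASSOC only
        // exists while the old mysql extension is loaded
        $zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC);
        $stornocodeInDb = $zeile['setting'];
        mysqli_free_result($dbresult);

        $expectedCode = (string) $stornocodeInDb;
        $givenCode = (string) $stornocode;
        // constant-time comparison where the runtime offers it
        $codeMatches = function_exists('hash_equals')
            ? hash_equals($expectedCode, $givenCode)
            : ($expectedCode === $givenCode);
        if (!$codeMatches) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_WRONG_STORNO_CODE, "msg" => ERROR_BILL_WRONG_STORNO_CODE_MSG));
            return;
        }

        if (!is_numeric($billid)) {
            // this may be an attack...
            echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_WRONG_NUMERIC_VALUE, "msg" => ERROR_BILL_WRONG_NUMERIC_VALUE_MSG));
            return;
        }

        // Do transactional cancel
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $pdo->beginTransaction();

        // is the bill already closed? In this case no cancel is allowed!
        $sql = "SELECT brutto,netto,tax,tableid,closingid,status,paymentid FROM %bill% WHERE id=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($billid));
        $row = $stmt->fetchObject();

        // defaults keep the checks below well defined when no bill row was found
        $closingId = null;
        $brutto = null;
        $netto = null;
        $tax = null;
        $tableid = null;
        $status = null;
        $paymentid = null;
        if ($row != null) {
            $closingId = $row->closingid;
            // save the next data for a copy!
            $brutto = $row->brutto;
            $netto = $row->netto;
            $tax = $row->tax;
            $tableid = $row->tableid;
            $status = $row->status;
            $paymentid = $row->paymentid;
        }

        $alreadyCancelled = ($status == 's') || ($status == 'x');
        if (!is_null($closingId) || $alreadyCancelled) {
            // no cancel possible anymore!
            $pdo->rollBack();
            if ($alreadyCancelled) {
                echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_ALREADY_CANCELLED, "msg" => ERROR_BILL_ALREADY_CANCELLED_MSG));
            } else {
                echo json_encode(array("status" => "ERROR", "code" => ERROR_BILL_ALREADY_CLOSED, "msg" => ERROR_BILL_ALREADY_CLOSED_MSG));
            }
            return;
        }

        // is bill correct with signature?
        $commonUtils = new CommonUtils();
        if (!$commonUtils->verifyBill($pdo, $billid)) {
            $pdo->rollBack();
            echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
            return;
        }

        // Test if it is allowed to insert new bill as storno bill or if manipulation has happened
        $nextbillid = $this->testForNewBillIdAndUpdateWorkTable($pdo);
        if ($nextbillid < 0) {
            echo json_encode(array("status" => "ERROR", "code" => ERROR_INCONSISTENT_DB, "msg" => ERROR_INCONSISTENT_DB_MSG));
            $pdo->rollBack();
            return;
        }

        // 0. find the queueitems that are related to that bill
        $sql = "SELECT id FROM %queue% WHERE billid=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($billid));
        $queueIdArray = array();
        foreach ($stmt->fetchAll() as $queueRow) {
            $queueIdArray[] = $queueRow['id'];
        }

        // 1. clear connection between queue item and bill
        $sql = "UPDATE %queue% SET paidtime=null,billid=null WHERE billid=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($billid));

        // 2. copy bill with negativ brutto as part of storno
        $userIdOfStornoUser = $this->getUserId();
        $stornval = 0.0 - floatval($brutto);
        $stornonettoval = 0.0 - floatval($netto);

        $signature = $commonUtils->calcSignatureForBill($pdo, $currentTime, $stornval, $stornonettoval, $tax, $userIdOfStornoUser);

        $sql = "INSERT INTO `%bill%` (`id` , `billdate`,`brutto`,`netto`,`tax`,`tableid`, `status`, `paymentid`,`userid`,`ref`,`host`,`signature`) VALUES ( ?, ? , ?, ?,?,?, 's', ?,?,?,?,?)";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($nextbillid, $currentTime, $stornval, $stornonettoval, $tax, $tableid, $paymentid, $userIdOfStornoUser, $billid, 0, $signature));
        // NOTE(review): the id was supplied explicitly above; presumably
        // lastInsertId() reports that same id - confirm against the schema
        $refIdOfStornoEntry = $pdo->lastInsertId();

        // 3. mark bill as part of storno
        $sql = "UPDATE %bill% SET status='x', closingid=null, ref=? WHERE id=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($refIdOfStornoEntry, $billid));

        // 4. now put the queue items into the billproducts so that later storno is evaluable
        foreach ($queueIdArray as $aQueueid) {
            $billProdsSql = "INSERT INTO `%billproducts%` (`queueid` , `billid`) VALUES ( ?,?)";
            $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($billProdsSql));
            $stmt->execute(array($aQueueid, $refIdOfStornoEntry));
        }

        $pdo->commit();
        // end of transactional cancel

        echo json_encode(array("status" => "OK", "code" => OK));
        return;
    }

    /**
     * Let PdfExport render the PDF report for the requested time span.
     *
     * NOTE(review): handleCommand() calls this with five arguments, starting
     * with the language, while four parameters are declared, so the parameter
     * names do not describe the values they receive. The parameters are unused;
     * the values are read from $_GET again and passed on as they are.
     */
    private function exportPdfReport($startMonth, $startYear, $endMonth, $endYear)
    {
        $pdfExport = new PdfExport();
        $pdfExport->exportPdfReport($_GET['lang'], $_GET['startMonth'], $_GET['startYear'], $_GET['endMonth'], $_GET['endYear']);
    }

    /**
     * Let PdfExport render the PDF summary for the requested time span.
     *
     * NOTE(review): same argument mismatch as in exportPdfReport(); the
     * parameters are unused and the values are read from $_GET again.
     */
    private function exportPdfSummary($startMonth, $startYear, $endMonth, $endYear)
    {
        $pdfExport = new PdfExport();
        $pdfExport->exportPdfSummary($_GET['lang'], $_GET['startMonth'], $_GET['startYear'], $_GET['endMonth'], $_GET['endYear']);
    }

    /**
     * Export the closed bills of a span of months as CSV.
     */
    private function exportCsv($startMonth, $startYear, $endMonth, $endYear)
    {
        $this->exportCsv_bin($startMonth, $startYear, $endMonth, $endYear, null);
    }

    /*
     * Method to export data of a special closing
     */
    private function exportCsvOfClosing($closingid)
    {
        $this->exportCsv_bin(null, null, null, null, $closingid);
    }

    /**
     * Read the configured decimal point character ("decpoint") from the config table.
     */
    private function getDecPoint()
    {
        $sql = "SELECT name,setting FROM %config% WHERE name=?";
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array("decpoint"));
        $row = $stmt->fetchObject();
        return ($row->setting);
    }

    /**
     * Write the closed bills of a time span, or of one closing, as a
     * ';'-separated download.
     *
     * All five arguments originate from the request (see handleCommand) and the
     * query is sent as one SQL string, so each of them is forced to an integer
     * before it becomes part of that string. Previously the raw request values
     * were written between the quotes of the BETWEEN and closingid conditions.
     *
     * The signature of every exported bill is checked; the first mismatch ends
     * the export with an error line.
     *
     * @param mixed $onlyClosingId closing to export, or null to export by time span
     */
    private function exportCsv_bin($startMonth, $startYear, $endMonth, $endYear, $onlyClosingId)
    {
        if (session_id() == '') {
            session_start();
        }

        $l = $_SESSION['language'];

        $commonUtils = new CommonUtils();
        $currency = $commonUtils->getCurrency();

        $decpoint = $this->getDecPoint();

        // decide once which export this is, before the id is turned into an int
        $byTimeSpan = ($onlyClosingId == null);

        if ($byTimeSpan) {
            $startDate = sprintf("%d-%02d-01 00:00:00", intval($startYear), intval($startMonth));
            // now find last day of month of end date!
            $endMonthStart = sprintf("%d-%02d-01", intval($endYear), intval($endMonth));
            $lastdayOfMonth = date("t", strtotime($endMonthStart));
            $endDate = sprintf("%d-%02d-%s 23:59:59", intval($endYear), intval($endMonth), $lastdayOfMonth);
        } else {
            $closingIdForSql = intval($onlyClosingId);
        }

        $file_name = "datenexport.csv";
        header("Content-type: text/x-csv");
        header("Content-Disposition: attachment; filename=$file_name");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Pragma: no-cache");
        header("Expires: 0");

        $firstCsvPart = $this->t['ID'][$l] . ";" . $this->t['Date'][$l] . ";" . $this->t['Brutto'][$l] . "($currency);";
        $firstCsvPart .= $this->t['Netto'][$l] . "($currency);";
        $firstCsvPart .= $this->t['State'][$l] . ";" . $this->t['Ref'][$l] . ";";
        $firstCsvPart .= $this->t['host'][$l] . ";";
        $firstCsvPart .= $this->t['Userid'][$l] . ";" . $this->t['User'][$l] . ";";
        if ($byTimeSpan) {
            echo $firstCsvPart . $this->t['ClosId'][$l] . ";" . $this->t['ClosDate'][$l] . ";" . $this->t['PayWay'][$l] . ";" . $this->t['ClosRemark'][$l] . "\n";
        } else {
            // closing id is know - do not output unnecessary info
            echo $firstCsvPart . $this->t['PayWay'][$l] . "\n";
        }

        // the column name is picked from this fixed list, never taken from the request
        $payment_lang = array("name", "name_en", "name_esp");
        $payment_col = $payment_lang[$l];

        $sql = "SELECT DISTINCT %bill%.id,%bill%.signature,billdate,brutto,netto,IF(tax is not null, tax, '0.00') as tax,status,closingdate,remark,%bill%.host,%bill%.closingid,%payment%.$payment_col as payway,userid,ref,username FROM %bill%,%closing%,%payment%,%user% ";
        $sql .= "WHERE closingid is not null AND %bill%.closingid=%closing%.id ";
        $sql .= " AND %bill%.paymentid=%payment%.id ";
        if ($byTimeSpan) {
            // search for time span
            $sql .= " AND %bill%.billdate BETWEEN '$startDate' AND '$endDate' ";
        } else {
            // search for a special closing id
            $sql .= " AND closingid='$closingIdForSql' ";
        }
        $sql .= " AND %bill%.userid = %user%.id ";
        $sql .= "ORDER BY billdate";

        $dbresult = $this->dbutils->performSqlCommand($sql);

        // MYSQLI_ASSOC is the constant of the mysqli API used here
        while ($zeile = mysqli_fetch_array($dbresult, MYSQLI_ASSOC)) {
            $billid = $zeile['id'];
            $billdate = $zeile['billdate'];

            $brutto_orig = $zeile['brutto'];
            $netto_orig = $zeile['netto'];
            $tax_orig = $zeile['tax'];

            $brutto = str_replace(".", $decpoint, $brutto_orig);
            $netto = str_replace(".", $decpoint, $netto_orig);
            $signature = $zeile['signature'];

            $status = $zeile['status'];
            if ($status == 'x') {
                $status = $this->t["laterCancelled"][$l];
            } else if ($status == 's') {
                $status = $this->t["storno"][$l];
            } else if ($status == 'c') {
                $status = $this->t["cashact"][$l];
            } else {
                $status = "";
            }

            $ref = ($zeile['ref'] == null ? "" : $zeile['ref']);
            $userid = $zeile['userid'];
            $username = $zeile['username'];
            $closingid = $zeile['closingid'];
            $closingdate = $zeile['closingdate'];
            // NOTE(review): addslashes() is not CSV quoting and $username is
            // written unquoted, so a ';', a line break or a leading '=' in the
            // stored remark, payment name or user name reaches the spreadsheet
            // as it is. Changing the quoting alters the export format, so it
            // is only flagged here.
            $remark = '"' . addslashes($zeile['remark']) . '"';
            $paymentname = '"' . addslashes($zeile['payway']) . '"';
            $host = ($zeile['host'] == 1 ? "x" : "-");

            // the signature is checked against the values as stored, not the re-formatted ones
            if (!$commonUtils->verifyBillByValues(null, $billdate, $brutto_orig, $netto_orig, $tax_orig, $userid, $signature)) {
                echo "Inconsistent Data Base Content!\n";
                mysqli_free_result($dbresult);
                return;
            }

            if ($billid == null) {
                $billid = "-";
            }

            if ($byTimeSpan) {
                echo "$billid ; $billdate; $brutto; $netto; $status; $ref; $host; $userid;$username ; $closingid; $closingdate; $paymentname; $remark\n";
            } else {
                echo "$billid ; $billdate; $brutto; $netto; $status; $ref; $host; $userid;$username ; $paymentname\n";
            }
        }
        mysqli_free_result($dbresult);
    }
}
?>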