155 lines
5.1 KiB
PHP
155 lines
5.1 KiB
PHP
<?php
|
|
require_once ('dbutils.php');
|
|
|
|
class Feedback {
|
|
var $dbutils;
|
|
function __construct() {
|
|
$this->dbutils = new DbUtils();
|
|
}
|
|
|
|
function handleCommand($command) {
|
|
if ($command == 'sendMail') {
|
|
$this->sendMail($_POST['role'],$_POST['topic'],$_POST['email'],$_POST['tel'],$_POST['allowSendRights'],$_POST['content']);
|
|
}
|
|
else {
|
|
echo "Kommando nicht unterstuetzt.";
|
|
}
|
|
}
|
|
|
|
function isUserAlreadyLoggedInForPhp() {
|
|
if(session_id() == '') {
|
|
session_start();
|
|
}
|
|
if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
|
|
return false;
|
|
} else {
|
|
return true;
|
|
}
|
|
}
|
|
|
|
private function getFromEmail() {
|
|
$pdo = $this->dbutils->openDbAndReturnPdo();
|
|
|
|
$email="";
|
|
$sql = "SELECT setting FROM %config% where name='email'";
|
|
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
|
|
$stmt->execute();
|
|
$row =$stmt->fetchObject();
|
|
if ($row != null) {
|
|
$email = $row->setting;
|
|
}
|
|
return $email;
|
|
}
|
|
|
|
function spamcheck($field) {
|
|
// Sanitize e-mail address
|
|
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
|
|
// Validate e-mail address
|
|
if(filter_var($field, FILTER_VALIDATE_EMAIL)) {
|
|
return TRUE;
|
|
} else {
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
function sqlresult($pdo,$sql,$sqlval) {
|
|
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
|
|
$stmt->execute();
|
|
$row =$stmt->fetchObject();
|
|
if ($row != null) {
|
|
return($row->$sqlval);
|
|
} else {
|
|
return 0;
|
|
}
|
|
}
|
|
function getdbinfo() {
|
|
$pdo = $this->dbutils->openDbAndReturnPdo();
|
|
|
|
$info = "\n\nWaiting print jobs:\n";
|
|
// workprintjobswaiting
|
|
$foodjobs = $this->sqlresult($pdo,"select count(id) as number from %printjobs% where type=1","number");
|
|
$drinkjobs = $this->sqlresult($pdo,"select count(id) as number from %printjobs% where type=2","number");
|
|
$payjobs = $this->sqlresult($pdo,"select count(id) as number from %printjobs% where type=3","number");
|
|
|
|
$info .= "Speisebons: $foodjobs\n";
|
|
$info .= "Getränkebons: $drinkjobs\n";
|
|
$info .= "Kassenbons: $payjobs\n\n";
|
|
|
|
// db sizes
|
|
$info .= $this->getDatabaseSizes($pdo);
|
|
return $info;
|
|
}
|
|
|
|
function getDatabaseSizes($pdo) {
|
|
$sql = 'SELECT table_schema "Data Base Name",
|
|
sum( data_length + index_length ) / 1024 / 1024 "Data Base Size in MB",
|
|
sum( data_free )/ 1024 / 1024 "Free Space in MB"
|
|
FROM information_schema.TABLES
|
|
GROUP BY table_schema';
|
|
$pdo = $this->dbutils->openDbAndReturnPdo();
|
|
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
|
|
$stmt->execute();
|
|
$result = $stmt->fetchAll();
|
|
$dbInfo = "DB-info:\n";
|
|
|
|
foreach($result as $row) {
|
|
$dbInfo .= "Database '$row[0]', db size in MB: $row[1], free space in MB: $row[2]\n";
|
|
}
|
|
$dbInfo .= "used DB '" . MYSQL_DB . "'\n\n";
|
|
return $dbInfo;
|
|
}
|
|
|
|
function sendMail($role,$topic,$email,$tel,$allowSendRights,$content) {
|
|
if (!$this->spamcheck($email)) {
|
|
echo json_encode("Falsche Emailadresse eingegeben!");
|
|
return;
|
|
}
|
|
|
|
$headers = "MIME-Version: 1.0\n";
|
|
$headers .= "Content-type: text/plain; charset=iso-8859-1\n";
|
|
|
|
$rights = "Keine Rechteinformation";
|
|
$from = $this->getFromEmail();
|
|
|
|
if ($this->spamcheck($from)) {
|
|
$headers .= "To: feedback@ordersprinter.de\n";
|
|
$headers .= "From: $from\n";
|
|
$headers .= "Cc: $email\n";
|
|
if ($this->isUserAlreadyLoggedInForPhp()) {
|
|
if ($allowSendRights) {
|
|
$rights = "Userid = " . $_SESSION['userid'] . "\n";
|
|
$rights .= "Username = " . $_SESSION['currentuser'] . "\n";
|
|
$rights .= "isAdmin = " . ($_SESSION['is_admin'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_waiter = " . ($_SESSION['right_waiter'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_kitchen = " . ($_SESSION['right_kitchen'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_bar = " . ($_SESSION['right_bar'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_supply = " . ($_SESSION['right_supply'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_paydesk = " . ($_SESSION['right_paydesk'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_statistics = " . ($_SESSION['right_statistics'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_bill = " . ($_SESSION['right_bill'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_products = " . ($_SESSION['right_products'] ? "ja" : "nein") . "\n";
|
|
$rights .= "right_manager = " . ($_SESSION['right_manager'] ? "ja" : "nein");
|
|
$rights .= $this->getdbinfo();
|
|
}
|
|
$server = $_SERVER['HTTP_USER_AGENT'];
|
|
$msg = "Rolle: $role\nEmail: $email\nTel.: $tel\nRechte: $rights\nServer:$server\n\nNachtricht:\n$content";
|
|
|
|
$msg = wordwrap($msg, 70);
|
|
|
|
// Verarbeitet \r\n's zuerst, so dass sie nicht doppelt konvertiert werden
|
|
$msg = str_replace("\n", "\r\n", $msg);
|
|
|
|
if (mail("feedback@ordersprinter.de", $topic, $msg, $headers, "-f $from")) {
|
|
echo json_encode("OK");
|
|
} else {
|
|
echo json_encode("Fehler: Mail konnte nicht verschickt werden! Stimmt die PHP-Konfiguration auf dem Server?");
|
|
}
|
|
} else {
|
|
echo json_encode("Fehler: Benutzer nicht eingeloggt!");
|
|
}
|
|
} else {
|
|
echo json_encode("Mailkonfiguration von OrderSprinter fehlerhaft!");
|
|
}
|
|
}
|
|
}
|
|
?>
|