ordersprinter/webapp/php/dbutils.php

259 lines
8.2 KiB
PHP

<?php
// Datenbank-Verbindungsparameter
require_once ('config.php');
// Fully qualified table names. Every table carries the installation-wide
// TAB_PREFIX from config.php so several instances can share one database.
// Note that the placeholders used in SQL (see DbUtils::substTableAlias) are
// a separate mechanism and honour DbUtils::overrulePrefix(); these constants
// always use TAB_PREFIX.

// Live operational data
define('DB_QUEUE_TABLE', TAB_PREFIX . 'queue');
define('DB_PRODUCTS_TABLE', TAB_PREFIX . 'products');
define('DB_USER_TABLE', TAB_PREFIX . 'user');
define('DB_ROOM_TABLE', TAB_PREFIX . 'room');
define('DB_RESTTABLES_TABLE', TAB_PREFIX . 'resttables');
define('DB_PRODTYPE_TABLE', TAB_PREFIX . 'prodtype');
define('DB_TABLEMAPS_TABLE', TAB_PREFIX . 'tablemaps');
define('DB_TABLEPOS_TABLE', TAB_PREFIX . 'tablepos');
define('DB_BILL_TABLE', TAB_PREFIX . 'bill');
define('DB_PRICELEVEL_TABLE', TAB_PREFIX . 'pricelevel');
define('DB_CONFIG_TABLE', TAB_PREFIX . 'config');
define('DB_CLOSING_TABLE', TAB_PREFIX . 'closing');
define('DB_PRINTJOB_TABLE', TAB_PREFIX . 'printjob');
define('DB_WORK_TABLE', TAB_PREFIX . 'work');
define('DB_COMMENTS_TABLE', TAB_PREFIX . 'comments');
define('DB_LOGO_TABLE', TAB_PREFIX . 'logo');
define('DB_EXTRAS_TABLE', TAB_PREFIX . 'extras');
define('DB_EXTRASPRODS_TABLE', TAB_PREFIX . 'extrasprods');

// History tables (the HIST_PAYMENT constant maps to the plain "payment" table)
define('DB_HIST_TABLE', TAB_PREFIX . 'hist');
define('DB_HIST_PROD_TABLE', TAB_PREFIX . 'histprod');
define('DB_HIST_CONFIG_TABLE', TAB_PREFIX . 'histconfig');
define('DB_HIST_USER_TABLE', TAB_PREFIX . 'histuser');
define('DB_HIST_ACTIONS_TABLE', TAB_PREFIX . 'histactions');
define('DB_HIST_PAYMENT_TABLE', TAB_PREFIX . 'payment');

// Remaining live tables
define('DB_BILLPRODUCTS_TABLE', TAB_PREFIX . 'billproducts');
define('DB_RESERVATIONS_TABLE', TAB_PREFIX . 'reservations');
define('DB_QUEUEEXTRAS_TABLE', TAB_PREFIX . 'queueextras');
define('DB_RATINGS_TABLE', TAB_PREFIX . 'ratings');
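/**
 * Thin database helpers for the web app.
 *
 * Two access paths coexist: PDO (openDbAndReturnPdo*) and mysqli
 * (performSqlCommand*, performPreparedStatementCreateClosing, filterString).
 * SQL passed to the perform* methods names tables with placeholders such as
 * %queue%; substTableAlias() expands them with the configured table prefix so
 * the same SQL text works for every installation.
 *
 * NOTE(review): the connection helpers echo driver error messages straight
 * into the response. Such messages can include the database host or user
 * name; on a production install they belong in a server-side log instead.
 */
class DbUtils {
    /** @var string|null time zone set via overruleTimeZone(); null = take it from the session */
    private static $timezone = null;
    /** @var string|null table prefix set via overrulePrefix(); null = use TAB_PREFIX from config.php */
    private static $prefix = null;

    /**
     * Override the time zone returned by getTimeZone() (e.g. for batch jobs or tests).
     *
     * @param string $timezone PHP time zone identifier such as "Europe/Berlin"
     */
    public static function overruleTimeZone($timezone) {
        self::$timezone = $timezone;
    }

    /**
     * Override the table prefix used by substTableAlias() instead of TAB_PREFIX.
     *
     * @param string $prefix
     */
    public static function overrulePrefix($prefix) {
        self::$prefix = $prefix;
    }

    /**
     * Open a PDO connection using the MYSQL_* constants from config.php.
     *
     * The returned handle raises PDOException on errors (PDO::ERRMODE_EXCEPTION).
     *
     * @return PDO|null the connection, or null when connecting failed (the
     *                  driver message has then already been echoed)
     */
    public static function openDbAndReturnPdoStatic () {
        $dsn = 'mysql:host=' . MYSQL_HOST . ';dbname=' . MYSQL_DB;
        $pdo = null;
        try {
            $pdo = new PDO($dsn, MYSQL_USER, MYSQL_PASSWORD);
            $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $e) {
            // NOTE(review): getMessage() may expose host/user details to the client.
            echo 'Connection failed: ' . $e->getMessage();
        }
        return $pdo;
    }

    /**
     * Instance-method twin of openDbAndReturnPdoStatic(), kept for existing callers.
     *
     * @return PDO|null see openDbAndReturnPdoStatic()
     */
    function openDbAndReturnPdo () {
        return self::openDbAndReturnPdoStatic();
    }

    /**
     * Check whether a database can be reached with the given credentials.
     *
     * $host and $dbname are placed into the DSN verbatim; if they originate
     * from a setup form the caller should validate them first.
     *
     * @param string $host
     * @param string $dbname
     * @param string $user
     * @param string $pass
     * @return bool true when a PDO connection could be opened
     */
    function testDbAccess($host, $dbname, $user, $pass) {
        $dsn = 'mysql:host=' . $host . ';dbname=' . $dbname;
        $pdo = null;
        try {
            $pdo = new PDO($dsn, $user, $pass);
            $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $e) {
            // Any driver error means "not reachable with these credentials".
        }
        return $pdo !== null;
    }

    /**
     * Connect with mysqli, run one SQL command verbatim, disconnect.
     *
     * No parameter binding happens here: any value embedded in $sqlCommand
     * must have been escaped by the caller (see filterString()).
     * On PHP >= 8.1 mysqli reports a failed connection as mysqli_sql_exception
     * by default, so the echo path below is only reached with the legacy
     * report mode.
     *
     * @param string $sqlCommand SQL with the %table% placeholders already resolved
     * @return array{result: mysqli_result|bool, id: int|string} the mysqli_query()
     *         outcome and mysqli_insert_id() (0 when no row was inserted);
     *         result is false when the connection or the query failed
     */
    private function runRawSqlCommand($sqlCommand) {
        $con = mysqli_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD, MYSQL_DB);
        if (mysqli_connect_errno()) {
            echo "Failed to connect to MySQL: " . mysqli_connect_error();
            // Without a connection there is nothing to query or to close;
            // continuing would dereference a non-connection.
            return array("result" => false, "id" => 0);
        }
        $result = mysqli_query($con, $sqlCommand);
        if (!$result) {
            echo "Error executing SQL command: " . mysqli_error($con);
        }
        $id = mysqli_insert_id($con);
        mysqli_close($con);
        return array("result" => $result, "id" => $id);
    }

    /**
     * Resolve table placeholders and execute the SQL command.
     *
     * @param string $sqlCommand SQL using %table% placeholders
     * @return mysqli_result|bool the mysqli_query() result; false on failure
     */
    function performSqlCommand($sqlCommand) {
        $sqlCommand = $this->resolveTablenamesInSqlString($sqlCommand);
        $outcome = $this->runRawSqlCommand($sqlCommand);
        return $outcome["result"];
    }

    /**
     * Insert a new row into the closing table via a prepared statement.
     *
     * A prepared statement is used here mainly so that $remark needs no
     * manual quoting. The stored closing time is always the current server
     * time in the configured zone; the $closingTime argument is overwritten
     * and only kept for existing callers.
     *
     * @param string $closingTime ignored (see above)
     * @param string $remark free-text remark stored with the closing
     * @return int|string id of the inserted row, 0 when the connection,
     *                    the prepare or the execute failed
     */
    function performPreparedStatementCreateClosing($closingTime, $remark) {
        date_default_timezone_set(self::getTimeZone());
        $closingTime = date('Y-m-d H:i:s');
        $closingEntrySql = $this->resolveTablenamesInSqlString("INSERT INTO `%closing%` (`id` , `closingdate`,`remark`) VALUES (NULL , ?,?)");
        $mysqli = new mysqli(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD, MYSQL_DB);
        if ($mysqli->connect_errno) {
            echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
            return 0;
        }
        $stmt = $mysqli->prepare($closingEntrySql);
        if (!$stmt) {
            echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
            // $stmt is false here; calling bind_param on it would be fatal.
            mysqli_close($mysqli);
            return 0;
        }
        if (!$stmt->bind_param("ss", $closingTime, $remark)) {
            echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error;
        }
        if (!$stmt->execute()) {
            echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
        }
        $id = mysqli_insert_id($mysqli);
        $stmt->close();
        mysqli_close($mysqli);
        return $id;
    }

    /**
     * Resolve table placeholders, execute the SQL command and report the
     * auto-increment id of the inserted row.
     *
     * @param string $sqlCommand SQL using %table% placeholders
     * @return array{result: mysqli_result|bool, id: int|string}
     */
    function performSqlCommandRetLastId($sqlCommand) {
        $sqlCommand = $this->resolveTablenamesInSqlString($sqlCommand);
        return $this->runRawSqlCommand($sqlCommand);
    }

    /**
     * Escape a string for embedding into SQL that is built by concatenation.
     *
     * Opens its own short-lived mysqli connection because real_escape_string()
     * escapes according to the connection's character set. The process exits
     * when no connection can be made, presumably so that a caller never
     * continues with an unescaped value.
     *
     * @param string $aString
     * @return string the escaped string
     */
    function filterString($aString) {
        $mysqli = new mysqli(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD, MYSQL_DB);
        if (mysqli_connect_errno()) {
            exit();
        }
        $filteredString = $mysqli->real_escape_string($aString);
        $mysqli->close();
        return $filteredString;
    }

    /**
     * Replace %table% placeholders by the prefixed real table names.
     *
     * SQL in this code base names tables as %queue%, %bill%, ... so it stays
     * readable; the user-configurable prefix (TAB_PREFIX, or the value given
     * to overrulePrefix()) is added here.
     *
     * @param string $sqlString SQL containing %table% placeholders
     * @return string SQL with every known placeholder expanded
     */
    public static function substTableAlias($sqlString) {
        // Ternary so TAB_PREFIX is only read when no override is set.
        $prefix = is_null(self::$prefix) ? TAB_PREFIX : self::$prefix;
        $tables = array(
            'queue', 'products', 'user', 'room', 'resttables', 'bill',
            'tablemaps', 'tablepos', 'pricelevel', 'config', 'closing',
            'hist', 'histprod', 'histconfig', 'histuser', 'histactions',
            'payment', 'billproducts', 'work', 'comments', 'reservations',
            'logo', 'extras', 'extrasprods', 'queueextras', 'ratings', 'prodtype',
        );
        $search = array();
        $replace = array();
        foreach ($tables as $table) {
            $search[] = '%' . $table . '%';
            $replace[] = $prefix . $table;
        }
        // Historic exception: the placeholder is plural, the table is not.
        $search[] = '%printjobs%';
        $replace[] = $prefix . 'printjob';
        // str_replace applies the pairs one after another, like the former
        // chain of calls; no placeholder is a substring of another, so the
        // order does not influence the result.
        return str_replace($search, $replace, $sqlString);
    }

    /**
     * Instance-method access to substTableAlias().
     *
     * @param string $sqlString
     * @return string
     */
    public function resolveTablenamesInSqlString($sqlString) {
        return self::substTableAlias($sqlString);
    }

    /**
     * Time zone to use for date formatting.
     *
     * Precedence: the value set via overruleTimeZone(), then $_SESSION['timezone']
     * (the session is started here if needed), then "Europe/Berlin".
     *
     * @return string PHP time zone identifier
     */
    public static function getTimeZone() {
        if (!is_null(self::$timezone)) {
            return self::$timezone;
        }
        // Loose comparison on purpose: session_id() yields '' without a
        // session and false on failure; both mean "no session yet".
        if (session_id() == '') {
            session_start();
        }
        if (isset($_SESSION['timezone'])) {
            return $_SESSION['timezone'];
        }
        return "Europe/Berlin";
    }
}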
?>