<?php
require_once ('dbutils.php');
require_once ('utilities/Emailer.php');
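class Feedback {
    /** @var DbUtils Database helper. Left public because the original declared it with `var`. */
    public $dbutils;

    /**
     * Creates the feedback handler together with its database helper.
     */
    public function __construct() {
        $this->dbutils = new DbUtils();
    }

    /**
     * Dispatches a command coming from the client.
     *
     * Only 'sendMail' is supported; its arguments are read from $_POST. Keys the
     * client did not send are passed as '' instead of raising undefined-index
     * notices. Every outcome is echoed JSON-encoded so the client can parse all
     * responses the same way (the other branches of this class already do so).
     *
     * @param string $command Command name sent by the client.
     */
    public function handleCommand($command) {
        if ($command === 'sendMail') {
            $this->sendMail(
                $this->postValue('role'),
                $this->postValue('topic'),
                $this->postValue('email'),
                $this->postValue('tel'),
                $this->postValue('allowSendRights'),
                $this->postValue('content')
            );
        } else {
            echo json_encode("Kommando nicht unterstuetzt.");
        }
    }

    /**
     * Returns one POST field, or '' when the client did not send it.
     *
     * @param string $key POST field name.
     * @return mixed Raw, unvalidated client value.
     */
    private function postValue($key) {
        return isset($_POST[$key]) ? $_POST[$key] : '';
    }

    /**
     * Tells whether the current PHP session is marked as logged in.
     *
     * Starts a session when none is active yet, then checks the
     * 'angemeldet' flag; a missing or falsy flag counts as "not logged in".
     *
     * @return bool
     */
    public function isUserAlreadyLoggedInForPhp() {
        if (session_id() === '') {
            session_start();
        }
        return isset($_SESSION['angemeldet']) && (bool)$_SESSION['angemeldet'];
    }

    /**
     * Reads a single value from the %config% table.
     *
     * The config name is bound as a prepared-statement parameter instead of being
     * interpolated into the SQL text. Current callers only pass literals, but the
     * bound form keeps the query safe should the source of $field ever change.
     *
     * @param string $field Name of the config entry.
     * @return string The stored setting, or '' when no such row exists.
     */
    private function getGeneralItemFromDb($field) {
        $pdo = $this->dbutils->openDbAndReturnPdo();
        // Positional placeholder; assumes resolveTablenamesInSqlString() only
        // rewrites the %table% markers and leaves the '?' alone — TODO confirm.
        $sql = "SELECT setting FROM %config% where name=?";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute(array($field));
        $row = $stmt->fetchObject();
        return ($row !== false) ? $row->setting : "";
    }

    /**
     * Checks whether $field looks like a valid e-mail address.
     *
     * The value is run through FILTER_SANITIZE_EMAIL before validation, so an
     * address with stray illegal characters can still pass; callers keep using
     * their original, unsanitized value afterwards.
     *
     * @param mixed $field Candidate address (anything filter_var accepts).
     * @return bool
     */
    public function spamcheck($field) {
        $sanitized = filter_var($field, FILTER_SANITIZE_EMAIL);
        return filter_var($sanitized, FILTER_VALIDATE_EMAIL) !== false;
    }

    /**
     * Runs a query expected to return one row and extracts a single column.
     *
     * @param PDO    $pdo    Open connection.
     * @param string $sql    Query text with %table% markers. Must be a literal —
     *                       it is prepared without bound parameters.
     * @param string $sqlval Name of the column to return.
     * @return mixed The column value, or 0 when the query yields no row.
     */
    public function sqlresult($pdo, $sql, $sqlval) {
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();
        $row = $stmt->fetchObject();
        return ($row !== false) ? $row->$sqlval : 0;
    }

    /**
     * Builds a plain-text summary of waiting print jobs and database sizes.
     * It is appended to feedback mails when the user allows sending rights info.
     *
     * @return string
     */
    public function getdbinfo() {
        $pdo = $this->dbutils->openDbAndReturnPdo();

        // Print-job type codes used by these queries: 1, 2 and 3 map to the
        // three labels below (food, drinks, receipts).
        $foodjobs  = $this->sqlresult($pdo, "select count(id) as number from %printjobs% where type=1", "number");
        $drinkjobs = $this->sqlresult($pdo, "select count(id) as number from %printjobs% where type=2", "number");
        $payjobs   = $this->sqlresult($pdo, "select count(id) as number from %printjobs% where type=3", "number");

        $info  = "\n\nWaiting print jobs:\n";
        $info .= "Speisebons: $foodjobs\n";
        // The original literal contained a broken (replacement) character for the
        // umlaut; transliterated the same way as the file's other strings ("unterstuetzt").
        $info .= "Getraenkebons: $drinkjobs\n";
        $info .= "Kassenbons: $payjobs\n\n";

        // Reuse the connection opened above rather than opening a second one.
        $info .= $this->getDatabaseSizes($pdo);
        return $info;
    }

    /**
     * Lists size and free space of every schema visible to the DB user.
     *
     * @param PDO|null $pdo Open connection to reuse; a new one is opened only
     *                      when null is passed.
     * @return string
     */
    public function getDatabaseSizes($pdo) {
        $sql = 'SELECT table_schema "Data Base Name", '
             . 'sum( data_length + index_length ) / 1024 / 1024 "Data Base Size in MB", '
             . 'sum( data_free )/ 1024 / 1024 "Free Space in MB" '
             . 'FROM information_schema.TABLES '
             . 'GROUP BY table_schema';

        if ($pdo === null) {
            $pdo = $this->dbutils->openDbAndReturnPdo();
        }
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();

        $dbInfo = "DB-info:\n";
        // The numeric indices 0..2 rely on PDO's default fetch mode (FETCH_BOTH);
        // assumes DbUtils does not change it — TODO confirm.
        foreach ($stmt->fetchAll() as $row) {
            $dbInfo .= "Database '$row[0]', db size in MB: $row[1], free space in MB: $row[2]\n";
        }
        $dbInfo .= "used DB '" . MYSQL_DB . "'\n\n";
        return $dbInfo;
    }

    /**
     * Formats the logged-in user's id, name and permission flags for the mail
     * body, followed by the print-job/database summary from getdbinfo().
     *
     * Expects an active session (see isUserAlreadyLoggedInForPhp()).
     *
     * @return string
     */
    private function collectRightsInfo() {
        $rights  = "Userid = " . (isset($_SESSION['userid']) ? $_SESSION['userid'] : '') . "\n";
        $rights .= "Username = " . (isset($_SESSION['currentuser']) ? $_SESSION['currentuser'] : '') . "\n";
        $rights .= "isAdmin = " . (!empty($_SESSION['is_admin']) ? "ja" : "nein") . "\n";

        $flagKeys = array(
            'right_waiter', 'right_kitchen', 'right_bar', 'right_supply',
            'right_paydesk', 'right_statistics', 'right_bill', 'right_products',
            'right_manager',
        );
        $lines = array();
        foreach ($flagKeys as $key) {
            $lines[] = $key . " = " . (!empty($_SESSION[$key]) ? "ja" : "nein");
        }
        // No newline after the last flag: getdbinfo() opens with "\n\n".
        $rights .= implode("\n", $lines);
        $rights .= $this->getdbinfo();
        return $rights;
    }

    /**
     * Validates the feedback form, assembles the mail body and hands it to Emailer.
     * Echoes a JSON-encoded status string for the client in every branch.
     *
     * @param string $role            Role the sender claims.
     * @param string $topic           Mail subject.
     * @param string $email           Sender address; must pass spamcheck().
     * @param string $tel             Phone number, copied verbatim into the body.
     * @param mixed  $allowSendRights Whether session rights may be included (truthiness).
     * @param string $content         Free-text message.
     */
    public function sendMail($role, $topic, $email, $tel, $allowSendRights, $content) {
        if (!$this->spamcheck($email)) {
            echo json_encode("Falsche Emailadresse eingegeben!");
            return;
        }

        $from = $this->getGeneralItemFromDb('email');
        $version = $this->getGeneralItemFromDb('version');

        if (!$this->spamcheck($from)) {
            echo json_encode("Mailkonfiguration von OrderSprinter fehlerhaft!");
            return;
        }
        if (!$this->isUserAlreadyLoggedInForPhp()) {
            echo json_encode("Fehler: Benutzer nicht eingeloggt!");
            return;
        }

        // NOTE(review): $allowSendRights is a raw POST string, so the literal
        // "false" counts as true here — confirm what the client actually sends.
        $rights = $allowSendRights ? $this->collectRightsInfo() : "Keine Rechteinformation";

        $server = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $msg = "Rolle: $role\nEmail: $email\nTel.: $tel\nRechte: $rights\nServer:$server\n\nOrderSprinter-Version:$version\n\nNachricht:\n$content";
        $msg = wordwrap($msg, 70);

        // Normalise existing CRLF to LF first so they are not converted twice,
        // then give the whole body CRLF line endings.
        $msg = str_replace("\r\n", "\n", $msg);
        $msg = str_replace("\n", "\r\n", $msg);

        // The subject comes straight from the client; fold CR/LF into spaces so it
        // cannot introduce extra mail headers if Emailer hands it to mail() —
        // TODO confirm Emailer's own handling.
        $topic = str_replace(array("\r", "\n"), ' ', $topic);

        $pdo = DbUtils::openDbAndReturnPdoStatic();
        if (Emailer::sendEmail($pdo, $msg, "feedback@ordersprinter.de", $topic)) {
            echo json_encode("OK");
        } else {
            echo json_encode("Fehler: Mail konnte nicht verschickt werden! Stimmt die PHP-Konfiguration auf dem Server?");
        }
    }
}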
?>