ordersprinter/webapp/php/reservation.php

233 lines
9.8 KiB
PHP

<?php
require_once ('dbutils.php');
require_once ('utilities/Emailer.php');
class Reservation {
var $dbutils;
function __construct() {
$this->dbutils = new DbUtils();
}
function handleCommand($command) {
if (!$this->isUserAlreadyLoggedInForPhpAndMayReserve()) {
echo json_encode(array("status" => "ERROR", "code" => ERROR_RES_NOT_AUTHOTRIZED, "msg" => ERROR_RES_NOT_AUTHOTRIZED_MSG));
} else {
if ($command == 'createReservation') {
$this->createReservation($_POST['day'],$_POST['month'],$_POST['year'],$_POST['start'],$_POST['name'],$_POST['email'],$_POST['persons'],$_POST['duration'],$_POST['phone'],$_POST['remark'],$_POST["tableid"]);
} else if ($command == 'getReservations') {
$this->getReservations($_GET['day'],$_GET['month'],$_GET['year']);
} else if ($command == 'changeReservation') {
$this->changeReservation($_POST['id'],$_POST['day'],$_POST['month'],$_POST['year'],$_POST['start'],$_POST['name'],$_POST['email'],$_POST['persons'],$_POST['duration'],$_POST['phone'],$_POST['remark'],$_POST["tableid"]);
} else if ($command == 'delReservation') {
$this->delReservation($_POST['id']);
} else if ($command == 'emailConfirmReservation') {
$this->emailConfirmReservation($_POST['to'],$_POST['msg']);
}
else {
echo "Kommando nicht unterstuetzt.";
}
}
}
function isUserAlreadyLoggedInForPhpAndMayReserve() {
if(session_id() == '') {
session_start();
}
if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
return false;
} else {
return ($_SESSION['right_reservation']);
}
}
private function createReservation($day,$month,$year,$start,$name,$email,$persons,$duration,$phone,$remark,$tableid) {
$userid = $_SESSION['userid'];
date_default_timezone_set(DbUtils::getTimeZone());
$currentTime = date('Y-m-d H:i:s');
$scheduledDate = "$year-$month-$day 00:00:00";
if ($tableid <= 0) {
$tableid = null;
}
$pdo = DbUtils::openDbAndReturnPdoStatic();
try {
$pdo->beginTransaction();
$sql = "INSERT INTO `%reservations%` (
`id` , `creator`,`creationdate`,`scheduledate`,`name`,`email`,`starttime`,`duration`,`persons`,`phone`,`remark`,`tableid`)
VALUES (
NULL , ?,?,?,?,?,?,?,?,?,?,?)";
$stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
$stmt->execute(array($userid,$currentTime,$scheduledDate,$name,$email,$start,$duration,$persons,$phone,$remark,$tableid));
$pdo->commit();
echo json_encode(array("status" => "OK"));
}
catch (PDOException $e) {
$pdo->rollBack();
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
private function changeReservation($id,$day,$month,$year,$start,$name,$email,$persons,$duration,$phone,$remark,$tableid) {
$userid = $_SESSION['userid'];
date_default_timezone_set(DbUtils::getTimeZone());
$currentTime = date('Y-m-d H:i:s');
$scheduledDate = "$year-$month-$day 00:00:00";
$pdo = DbUtils::openDbAndReturnPdoStatic();
try {
$pdo->beginTransaction();
$sql = "UPDATE `%reservations%` SET creator=?,creationdate=?,scheduledate=?,name=?,email=?,starttime=?,duration=?,persons=?,phone=?,remark=?,tableid=? WHERE id=?";
CommonUtils::execSql($pdo, $sql, array($userid,$currentTime,$scheduledDate,$name,$email,$start,$duration,$persons,$phone,$remark,$tableid,$id));
$pdo->commit();
echo json_encode(array("status" => "OK"));
}
catch (PDOException $e) {
$pdo->rollBack();
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
private function delReservation($id) {
$pdo = DbUtils::openDbAndReturnPdoStatic();
try {
$pdo->beginTransaction();
$sql = "DELETE FROM `%reservations%` WHERE id=?";
CommonUtils::execSql($pdo, $sql, array($id));
$pdo->commit();
echo json_encode(array("status" => "OK"));
}
catch (PDOException $e) {
$pdo->rollBack();
echo json_encode(array("status" => "ERROR", "code" => ERROR_GENERAL_DB_NOT_READABLE, "msg" => ERROR_GENERAL_DB_NOT_READABLE_MSG));
}
}
private function emailConfirmReservation($toEmail,$msg) {
// first find sender email
$pdo = $this->dbutils->openDbAndReturnPdo();
$msg = str_replace("\n", "\r\n", $msg);
$topictxt = "Reservierungsbestätigung\r\n";
if (Emailer::sendEmail($pdo, $msg, $toEmail, $topictxt)) {
echo json_encode("OK");
} else {
echo json_encode("ERROR");
}
}
private function getReservations($day,$month,$year) {
$pdo = DbUtils::openDbAndReturnPdoStatic();
// REM* the many sortings in the sql allow the sorting by time, room-sort and table-sort
$sql = "SELECT R.id,U.username as username,creationdate,scheduledate,starttime,name,email,persons,duration,phone,remark,tableid, ";
$sql .= "IF(tableid is null,'-1',(SELECT RO.id as roomid FROM %room% RO,%resttables% T WHERE T.id=tableid AND T.roomid=RO.id)) as roomid, ";
$sql .= "IF(tableid is null,'-1',(SELECT RO.sorting as roomsorting FROM %room% RO,%resttables% T WHERE T.id=tableid AND T.roomid=RO.id)) as roomsorting, ";
$sql .= "IF(tableid is null,'-1',(SELECT T.sorting as tablesorting FROM %room% RO,%resttables% T WHERE T.id=tableid AND T.roomid=RO.id)) as tablesorting ";
$sql .= "FROM %reservations% R,%user% U ";
$sql .= "WHERE DATE(scheduledate)=? AND R.creator=U.id ";
$timeSortedReservations = $this->getReservationsCore($pdo,$day,$month,$year,$sql . " ORDER BY starttime,roomsorting,tablesorting");
// REM* and now by table
$sql = "SELECT DISTINCT R.tableid as tableid,ROOM.id as roomid,ROOM.sorting as roomsorting,T.sorting as tablesorting FROM %reservations% R,%room% ROOM,%resttables% T ";
$sql .= " WHERE DATE(scheduledate)=? AND tableid is not null AND tableid >= '0' ";
$sql .= " AND R.tableid = T.id AND T.roomid=ROOM.id ";
$sql .= " ORDER BY ROOM.sorting,T.sorting ";
$day = sprintf("%02s", $day);
$month = sprintf("%02s", $month);
$scheduledDate = "$year-$month-$day";
$allTablesOfResAtThatDate = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate));
$byTables = array();
foreach($allTablesOfResAtThatDate as $tableRes) {
$sql = "SELECT R.id,U.username as creator,creationdate,scheduledate,starttime as start,name as guest,email,persons,duration,(starttime + duration) as endhour,";
$sql .= " phone,remark,tableid,'" . $tableRes["roomid"] . "' as roomid ";
$sql .= "FROM %reservations% R,%user% U ";
$sql .= "WHERE DATE(scheduledate)=? AND R.creator=U.id AND tableid=? ";
$sql .= "ORDER BY starttime";
$allResOfThatTable = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate,$tableRes["tableid"]));
$byTables[] = array("tableid" => $tableRes["tableid"],"roomid" => $tableRes["roomid"], "reservations" => $allResOfThatTable);
}
// REM* these were all reservations by table at the given date. Let's add all reservations without a table assignment
$sql = "SELECT R.id,U.username as creator,creationdate,scheduledate,starttime as start,name as guest,email,persons,duration,(starttime + duration) as endhour,";
$sql .= " phone,remark,'-1' as tableid,'-1' as roomid ";
$sql .= "FROM %reservations% R,%user% U ";
$sql .= "WHERE DATE(scheduledate)=? AND R.creator=U.id AND (tableid is null OR tableid='-1') ";
$sql .= "ORDER BY starttime";
$allResOfUndefinedTable = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate));
if (count($allResOfUndefinedTable) > 0) {
$byTables[] = array("tableid" => '-1',"roomid" => '-1', "reservations" => $allResOfUndefinedTable);
}
$msg = array("bytimes" => $timeSortedReservations,"bytables" => $byTables);
// REM* now attach a list of rooms and tables to select for new reservations
$tableoverview = self::gettablesoverview($pdo);
echo json_encode(array("status" => "OK", "msg" => $msg,"tableoverview" => $tableoverview));
}
private function getReservationsCore($pdo,$day,$month,$year,$sql) {
$day = sprintf("%02s", $day);
$month = sprintf("%02s", $month);
$scheduledDate = "$year-$month-$day";
try {
$pdo = DbUtils::openDbAndReturnPdoStatic();
$result = CommonUtils::fetchSqlAll($pdo, $sql, array($scheduledDate));
$resArray = array();
foreach($result as $row) {
$datetimeparts = explode(" ",$row['scheduledate']);
$thedate = $datetimeparts[0];
$thedateparts = explode("-",$thedate);
$resArray[] = array(
"id" => $row['id'],
"creator" => $row['username'],
"creationdate" => $row['creationdate'],
"day" => $thedateparts[2],
"month" => $thedateparts[1],
"year" => $thedateparts[0],
"start" => $row['starttime'],
"guest" => $row['name'],
"email" => $row['email'],
"persons" => $row['persons'],
"duration" => $row['duration'],
"phone" => $row['phone'],
"remark" => $row['remark'],
"roomid" => $row['roomid'],
"tableid" => $row['tableid']
);
}
return $resArray;
}
catch (PDOException $e) {
return array();
}
}
private static function gettablesoverview($pdo) {
try {
$tableoverview = array();
// REM* get only the rooms with not removed tables (active flag is ignored because it may be that the room is active at date for reservation)
$sql = "SELECT R.id as roomid,R.roomname as roomname,IFNULL(R.abbreviation,'') as abbreviation from %room% R WHERE R.removed is null HAVING (SELECT COUNT(id) FROM %resttables% T WHERE T.roomid=R.id AND T.removed is null) > 0 ORDER BY sorting";
$rooms = CommonUtils::fetchSqlAll($pdo, $sql);
foreach($rooms as $aRoom) {
$sql = "SELECT id,tableno as tablename FROM %resttables% WHERE roomid=? ORDER BY sorting";
$tablesOfRoom = CommonUtils::fetchSqlAll($pdo, $sql, array($aRoom['roomid']));
$tableoverview[$aRoom['roomid']] = array("roomid" => $aRoom['roomid'], "roomname" => $aRoom["roomname"],"roomabbreviation" => $aRoom["abbreviation"], "tables" => $tablesOfRoom);
}
return $tableoverview;
} catch (Exception $ex) {
return array();
}
}
}