An easy point of sale system with automatic inventory tracking. https://netsyms.biz/apps/nickelbox/
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.

action.php 30KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780
  1. <?php
  2. /* This Source Code Form is subject to the terms of the Mozilla Public
  3. * License, v. 2.0. If a copy of the MPL was not distributed with this
  4. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  5. /**
  6. * Make things happen when buttons are pressed and forms submitted.
  7. */
  8. require_once __DIR__ . "/required.php";
  9. if ($VARS['action'] !== "signout") {
  10. dieifnotloggedin();
  11. }
  12. /**
  13. * Redirects back to the page ID in $_POST/$_GET['source'] with the given message ID.
  14. * The message will be displayed by the app.
  15. * @param string $msg message ID (see lang/messages.php)
  16. * @param string $arg If set, replaces "{arg}" in the message string when displayed to the user.
  17. */
  18. function returnToSender($msg, $arg = "") {
  19. global $VARS;
  20. $header = "Location: app.php?page=" . urlencode($VARS['source']) . "&msg=$msg";
  21. if ($arg != "") {
  22. $header .= "&arg=$arg";
  23. }
  24. header($header);
  25. die();
  26. }
  27. switch ($VARS['action']) {
  28. case "finish_transaction":
  29. header("Content-Type: application/json");
  30. $error = null;
  31. $oktx = null;
  32. $database->action(function ($database) {
  33. global $VARS, $binstack, $Strings, $error, $oktx;
  34. if (empty($VARS['items'])) {
  35. $error = $Strings->get("no items", false);
  36. return false;
  37. }
  38. $items = $VARS['items'];
  39. $payments = $VARS['payments'];
  40. $customer = $VARS['customer'];
  41. $register = $VARS['register'];
  42. $discountpercent = $VARS['discountpercent'];
  43. $cashid = null;
  44. $editing = false;
  45. if (isset($VARS['txid']) && $database->has('transactions', ['txid' => $VARS['txid']])) {
  46. $editing = true;
  47. $txid = $VARS['txid'];
  48. $cashid = $database->get('transactions', 'cashid', ['txid' => $txid]);
  49. if (!$database->has('cash_drawer', ['AND' => ['cashid' => $cashid, 'close' => null]])) {
  50. $error = $Strings->get("cash already closed", false);
  51. return false;
  52. }
  53. // Nuke the payments to make room for their replacements
  54. // Delete payments
  55. $oldpayments = $database->select('payments', ['payid', 'amount', 'type', 'certid'], ['txid' => $txid]);
  56. foreach ($oldpayments as $p) {
  57. // Reset gift card balances
  58. if (!is_null($p['certid'])) {
  59. $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $p['certid']]);
  60. }
  61. $database->delete('payments', ['payid' => $p['payid']]);
  62. }
  63. }
  64. if ($customer != "" && !$database->has('customers', ['customerid' => $customer])) {
  65. $error = $Strings->get("invalid customer", false);
  66. return false;
  67. }
  68. if ($register != "" && !$database->has('registers', ['registerid' => $register])) {
  69. $error = $Strings->get("invalid register", false);
  70. return false;
  71. }
  72. if ($register != "" && !$database->has('cash_drawer', ['AND' => ['registerid' => $register, 'close' => null]])) {
  73. $error = $Strings->get("cash not open", false);
  74. return false;
  75. }
  76. if ($register != "" && $editing === false) {
  77. $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $register, 'close' => null]]);
  78. }
  79. $totalcharge = 0.00;
  80. $totalpaid = 0.00;
  81. $change = 0.0;
  82. foreach ($items as $i) {
  83. $totalcharge += $i['each'] * $i['qty'];
  84. if (!$binstack->has('items', ['itemid' => $i['id']])) {
  85. $error = $Strings->get("invalid item", false);
  86. return false;
  87. }
  88. }
  89. foreach ($payments as $p) {
  90. if (!$database->has('payment_types', ['typename' => $p['type']])) {
  91. $error = $Strings->get("invalid payment type", false);
  92. return false;
  93. }
  94. $totalpaid += $p['amount'];
  95. if ($p['type'] == "giftcard") {
  96. if (!$database->has('certificates', ['AND' => ['amount[>=]' => $p['amount'], 'deleted[!]' => 1, 'certcode' => $p['code']]])) {
  97. $error = $Strings->get("invalid giftcard", false);
  98. return false;
  99. }
  100. }
  101. }
  102. if (is_numeric($discountpercent) && $discountpercent > 0 && $discountpercent < 100) {
  103. $discountpercent = $discountpercent * 1.0;
  104. $totalcharge *= 1.0 - ($discountpercent / 100.0);
  105. } else {
  106. $discountpercent = 0.0;
  107. }
  108. if ($totalcharge > $totalpaid) {
  109. $error = $Strings->get("insufficient payment", false);
  110. return false;
  111. }
  112. if ($editing === true) {
  113. $database->update('transactions', [
  114. 'txdate' => date('Y-m-d H:i:s'),
  115. 'customerid' => ($customer != "" ? $customer : null),
  116. 'type' => 1,
  117. 'cashier' => $_SESSION['uid'],
  118. 'cashid' => $cashid,
  119. 'discountpercent' => $discountpercent
  120. ], [
  121. 'txid' => $txid
  122. ]);
  123. } else {
  124. $database->insert('transactions', [
  125. 'txdate' => date('Y-m-d H:i:s'),
  126. 'customerid' => ($customer != "" ? $customer : null),
  127. 'type' => 1,
  128. 'cashier' => $_SESSION['uid'],
  129. 'cashid' => $cashid,
  130. 'discountpercent' => $discountpercent
  131. ]);
  132. $txid = $database->id();
  133. }
  134. $olditems = $database->select('lines', ['itemid (id)', 'qty', 'lineid'], ['txid' => $txid]);
  135. foreach ($items as $i) {
  136. $item = $binstack->get('items', ['name', 'qty'], ['itemid' => $i['id']]);
  137. $database->insert('lines', [
  138. 'txid' => $txid,
  139. 'amount' => $i['each'],
  140. 'name' => $item['name'],
  141. 'itemid' => $i['id'],
  142. 'qty' => $i['qty']
  143. ]);
  144. $binstack->update('items', [
  145. 'qty[-]' => $i['qty']
  146. ], [
  147. 'itemid' => $i['id']
  148. ]);
  149. }
  150. foreach ($payments as $p) {
  151. $certid = null;
  152. if ($p['type'] == "giftcard") {
  153. $certid = $database->get('certificates', 'certid', ['certcode' => $p['code']]);
  154. }
  155. $type = $database->get('payment_types', 'typeid', ['typename' => $p['type']]);
  156. $database->insert('payments', [
  157. 'amount' => $p['amount'],
  158. 'data' => '',
  159. 'type' => $type,
  160. 'txid' => $txid,
  161. 'certid' => $certid
  162. ]);
  163. }
  164. if ($totalcharge < $totalpaid) {
  165. $change = $totalpaid - $totalcharge;
  166. $database->insert('payments', [
  167. 'amount' => $change * -1.0,
  168. 'data' => '',
  169. 'type' => 1,
  170. 'txid' => $txid,
  171. 'certid' => null
  172. ]);
  173. }
  174. foreach ($olditems as $i) {
  175. $database->delete('lines', ['lineid' => $i['lineid']]);
  176. $binstack->update('items', [
  177. 'qty[+]' => $i['qty']
  178. ], [
  179. 'itemid' => $i['id']
  180. ]);
  181. }
  182. $oktx = $txid;
  183. return true;
  184. });
  185. if (!is_null($error)) {
  186. exit(json_encode(["status" => "ERROR", "message" => $error]));
  187. } else {
  188. exit(json_encode(["status" => "OK", "txid" => $oktx]));
  189. }
  190. break;
  191. case "finish_return":
  192. header("Content-Type: application/json");
  193. $error = null;
  194. $oktx = null;
  195. $database->action(function ($database) {
  196. global $VARS, $binstack, $Strings, $error, $oktx;
  197. $items = $VARS['items'];
  198. $payments = $VARS['payments'];
  199. $customer = $VARS['customer'];
  200. $register = $VARS['register'];
  201. $cashid = null;
  202. if ($customer != "" && !$database->has('customers', ['customerid' => $customer])) {
  203. $error = $Strings->get("invalid customer", false);
  204. return false;
  205. }
  206. if ($register != "" && !$database->has('registers', ['registerid' => $register])) {
  207. $error = $Strings->get("invalid register", false);
  208. return false;
  209. }
  210. if ($register != "" && !$database->has('cash_drawer', ['AND' => ['registerid' => $register, 'close' => null]])) {
  211. $error = $Strings->get("cash not open", false);
  212. return false;
  213. }
  214. if ($register != "") {
  215. $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $register, 'close' => null]]);
  216. }
  217. $totaldue = 0.00;
  218. $totalrefund = 0.00;
  219. foreach ($items as $i) {
  220. $totaldue += $i['each'] * $i['qty'];
  221. if (!$binstack->has('items', ['itemid' => $i['id']])) {
  222. $error = $Strings->get("invalid item", false);
  223. return false;
  224. }
  225. }
  226. foreach ($payments as $p) {
  227. if (!$database->has('payment_types', ['typename' => $p['type']])) {
  228. $error = $Strings->get("invalid payment type", false);
  229. return false;
  230. }
  231. $totalrefund += $p['amount'];
  232. if ($p['type'] == "giftcard") {
  233. if (!$database->has('certificates', ['AND' => ['amount[>=]' => $p['amount'], 'deleted[!]' => 1, 'certcode' => $p['code']]])) {
  234. $error = $Strings->get("invalid giftcard", false);
  235. return false;
  236. }
  237. }
  238. }
  239. $database->insert('transactions', [
  240. 'txdate' => date('Y-m-d H:i:s'),
  241. 'customerid' => ($customer != "" ? $customer : null),
  242. 'type' => 2,
  243. 'cashier' => $_SESSION['uid'],
  244. 'cashid' => $cashid,
  245. 'discountpercent' => 0.0
  246. ]);
  247. $txid = $database->id();
  248. foreach ($items as $i) {
  249. $item = $binstack->get('items', ['name', 'qty'], ['itemid' => $i['id']]);
  250. $database->insert('lines', [
  251. 'txid' => $txid,
  252. 'amount' => $i['each'],
  253. 'name' => $item['name'],
  254. 'itemid' => $i['id'],
  255. 'qty' => $i['qty'] * -1.0
  256. ]);
  257. }
  258. foreach ($payments as $p) {
  259. $certid = null;
  260. if ($p['type'] == "giftcard") {
  261. $certid = $database->get('certificates', 'certid', ['certcode' => $p['code']]);
  262. $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $certid]);
  263. }
  264. $type = $database->get('payment_types', 'typeid', ['typename' => $p['type']]);
  265. $database->insert('payments', [
  266. 'amount' => $p['amount'] * -1.0,
  267. 'data' => '',
  268. 'type' => $type,
  269. 'txid' => $txid,
  270. 'certid' => $certid
  271. ]);
  272. }
  273. $oktx = $txid;
  274. return true;
  275. });
  276. if (!is_null($error)) {
  277. exit(json_encode(["status" => "ERROR", "message" => $error]));
  278. } else {
  279. exit(json_encode(["status" => "OK", "txid" => $oktx]));
  280. }
  281. break;
  282. case "delete_transaction":
  283. header("Content-Type: application/json");
  284. $error = null;
  285. if (isset($VARS['txid']) && $database->has('transactions', ['txid' => $VARS['txid']])) {
  286. $txid = $VARS['txid'];
  287. $cashid = $database->get('transactions', 'cashid', ['txid' => $txid]);
  288. if (!$database->has('cash_drawer', ['AND' => ['cashid' => $cashid, 'close' => null]])) {
  289. $error = $Strings->get("cash already closed", false);
  290. }
  291. $database->action(function ($database) {
  292. global $VARS, $binstack, $error, $txid;
  293. // Delete payments
  294. $payments = $database->select('payments', ['payid', 'amount', 'type', 'certid'], ['txid' => $txid]);
  295. foreach ($payments as $p) {
  296. // Reset gift card balances
  297. if (!is_null($p['certid'])) {
  298. $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $p['certid']]);
  299. }
  300. $database->delete('payments', ['payid' => $p['payid']]);
  301. }
  302. // Delete items/lines
  303. $items = $database->select('lines', ['itemid (id)', 'qty', 'lineid'], ['txid' => $txid]);
  304. foreach ($items as $i) {
  305. $database->delete('lines', ['lineid' => $i['lineid']]);
  306. $binstack->update('items', [
  307. 'qty[+]' => $i['qty']
  308. ], [
  309. 'itemid' => $i['id']
  310. ]);
  311. }
  312. // Delete transaction
  313. $database->delete('transactions', ['txid' => $txid, 'LIMIT' => 1]);
  314. });
  315. } else {
  316. $error = $Strings->get("invalid parameters", false);
  317. }
  318. if (!is_null($error)) {
  319. exit(json_encode(["status" => "ERROR", "message" => $error]));
  320. } else {
  321. exit(json_encode(["status" => "OK"]));
  322. }
  323. break;
  324. case "getreceipt":
  325. $format = "html";
  326. $width = 48;
  327. if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {
  328. $width = (int) $VARS['width'];
  329. }
  330. if (isset($VARS['format'])) {
  331. $format = $VARS['format'];
  332. }
  333. if (!$database->has('transactions', ['txid' => $VARS['txid']])) {
  334. header("Content-Type: application/json");
  335. exit(json_encode(["status" => "ERROR", "txid" => null]));
  336. }
  337. $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_TRANSACTION, $VARS['txid']);
  338. exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "Tx. #" . $VARS['txid']));
  339. break;
  340. case "transactionsearch":
  341. header("Content-Type: application/json");
  342. $where = [];
  343. if (!empty($VARS['q'])) {
  344. $where["AND"]["OR"] = [
  345. "txid" => $VARS['q'],
  346. "name[~]" => $VARS['q'],
  347. "email[~]" => $VARS['q'],
  348. "phone[~]" => $VARS['q']
  349. ];
  350. }
  351. $start = date('Y-m-d H:i:s', 946684800); // Jan 1 2000
  352. $end = date('Y-m-d H:i:s');
  353. if (!empty($VARS['start']) && strtotime($VARS['start']) !== FALSE) {
  354. $start = date('Y-m-d H:i:s', strtotime($VARS['start']));
  355. }
  356. if (!empty($VARS['end']) && strtotime($VARS['end']) !== FALSE) {
  357. $end = date('Y-m-d H:i:s', strtotime($VARS['end']));
  358. }
  359. $where["AND"]['txdate[>=]'] = $start;
  360. $where["AND"]['txdate[<=]'] = $end;
  361. $where["LIMIT"] = 50;
  362. $transactions = $database->select('transactions', [
  363. '[>]customers' => 'customerid',
  364. '[>]cash_drawer' => 'cashid',
  365. '[>]registers' => ['cash_drawer.registerid' => 'registerid'],
  366. ], [
  367. 'txid',
  368. 'txdate',
  369. 'type',
  370. 'cashier (cashierid)',
  371. 'transactions.cashid',
  372. 'cash_drawer.registerid',
  373. 'registers.registername',
  374. 'cash_drawer.open',
  375. 'cash_drawer.close',
  376. 'customerid',
  377. 'customer' => [
  378. 'name',
  379. 'email',
  380. 'phone',
  381. 'address'
  382. ]], $where);
  383. for ($i = 0; $i < count($transactions); $i++) {
  384. if (is_null($transactions[$i]['close']) && !is_null($transactions[$i]['open'])) {
  385. $transactions[$i]['editable'] = true;
  386. } else {
  387. $transactions[$i]['editable'] = false;
  388. }
  389. if (!is_null($transactions[$i]['cashierid'])) {
  390. $cashier = new User($transactions[$i]['cashierid']);
  391. $transactions[$i]['cashier'] = [
  392. "name" => $cashier->getName(),
  393. "username" => $cashier->getUsername()
  394. ];
  395. }
  396. }
  397. $transactions = (count($transactions) > 0 ? $transactions : false);
  398. exit(json_encode(["status" => "OK", "transactions" => $transactions]));
  399. case "itemsearch":
  400. header("Content-Type: application/json");
  401. if (!empty($VARS['q'])) {
  402. $where["AND"]["OR"] = [
  403. "name[~]" => $VARS['q'],
  404. "code1[~]" => $VARS['q'],
  405. "code2[~]" => $VARS['q']
  406. ];
  407. } else {
  408. exit(json_encode(["status" => "ERROR", "items" => false]));
  409. }
  410. $items = $binstack->select('items', [
  411. 'itemid (id)',
  412. 'name',
  413. 'code1',
  414. 'code2',
  415. 'cost',
  416. 'price'
  417. ], $where);
  418. if (!empty($VARS['customer']) && $database->has('customers', ['customerid' => $VARS['customer']])) {
  419. for ($n = 0; $n < count($items); $n++) {
  420. $i = $items[$n];
  421. if ($database->has('customer_pricing', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]])) {
  422. $items[$n]['price'] = $database->get('customer_pricing', 'price', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]]);
  423. }
  424. }
  425. }
  426. $items = (count($items) > 0 ? $items : false);
  427. exit(json_encode(["status" => "OK", "items" => $items]));
  428. case "getgriditems":
  429. header("Content-Type: application/json");
  430. $items = $binstack->select('items', [
  431. 'itemid (id)', 'name', 'price', 'code1', 'code2'
  432. ], [
  433. 'AND' => ['price[!]' => null, 'price[!]' => 0]
  434. ]);
  435. if (!empty($VARS['customer']) && $database->has('customers', ['customerid' => $VARS['customer']])) {
  436. for ($n = 0; $n < count($items); $n++) {
  437. $i = $items[$n];
  438. if ($database->has('customer_pricing', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]])) {
  439. $items[$n]['price'] = $database->get('customer_pricing', 'price', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]]);
  440. }
  441. }
  442. }
  443. for ($n = 0; $n < count($items); $n++) {
  444. if ($items[$n]['code1'] != "") {
  445. $items[$n]['code'] = $items[$n]["code1"];
  446. } else if ($items[$n]['code1'] == "" && $items[$n]['code1'] != "") {
  447. $items[$n]['code'] = $items[$n]["code2"];
  448. } else if (code == "") {
  449. $items[$n]['code'] = "---";
  450. }
  451. }
  452. $items = (count($items) > 0 ? $items : false);
  453. exit(json_encode(["status" => "OK", "items" => $items]));
  454. case "customersearch":
  455. header("Content-Type: application/json");
  456. if (!empty($VARS['q'])) {
  457. $where["AND"]["OR"] = [
  458. "customerid" => $VARS['q'],
  459. "name[~]" => $VARS['q'],
  460. "email[~]" => $VARS['q'],
  461. "phone[~]" => $VARS['q']
  462. ];
  463. } else {
  464. exit(json_encode(["status" => "ERROR", "customers" => false]));
  465. }
  466. $where["LIMIT"] = 10;
  467. $customers = $database->select('customers', [
  468. 'customerid (id)',
  469. 'name',
  470. 'email',
  471. 'phone',
  472. 'address',
  473. 'notes'
  474. ], $where);
  475. $customers = (count($customers) > 0 ? $customers : false);
  476. exit(json_encode(["status" => "OK", "customers" => $customers]));
  477. case "giftcard_lookup":
  478. header("Content-Type: application/json");
  479. $code = $VARS['code'];
  480. if (empty($code)) {
  481. exit(json_encode(["status" => "ERROR", "cards" => []]));
  482. }
  483. $cards = $database->select('certificates', ['certid (id)', 'certcode (code)', 'amount (balance)', 'start_amount (amount)'], ['certcode' => $code]);
  484. exit(json_encode(["status" => "OK", "cards" => $cards]));
  485. break;
  486. case "editcustomer":
  487. $insert = true;
  488. if (empty($VARS['id'])) {
  489. $insert = true;
  490. } else {
  491. if ($database->has('customers', ['customerid' => $VARS['id']])) {
  492. $insert = false;
  493. } else {
  494. returnToSender("invalid_customerid");
  495. }
  496. }
  497. if (empty($VARS['name'])) {
  498. returnToSender('invalid_parameters');
  499. }
  500. $data = [
  501. 'name' => $VARS['name'],
  502. 'email' => $VARS['email'],
  503. 'phone' => $VARS['phone'],
  504. 'address' => $VARS['address'],
  505. 'notes' => $VARS['notes']
  506. ];
  507. $customerid = null;
  508. if ($insert) {
  509. $database->insert('customers', $data);
  510. $customerid = $database->id();
  511. } else {
  512. $database->update('customers', $data, ['customerid' => $VARS['id']]);
  513. $customerid = $VARS['id'];
  514. }
  515. if (!is_null($customerid)) {
  516. $custprices = $VARS['pricing'];
  517. $newcustprices = [];
  518. $oldcustprices = $database->select('customer_pricing', ['itemid (item)', 'price'], ['customerid' => $customerid]);
  519. foreach ($custprices as $cp) {
  520. if (!$binstack->has('items', ['itemid' => $cp['item']])) {
  521. continue;
  522. }
  523. if (!is_numeric($cp['price'])) {
  524. continue;
  525. }
  526. $newcustprices[] = $cp;
  527. $oldcustprices = array_filter($oldcustprices, function ($var) {
  528. if ($cp['item'] == $var['item']) {
  529. return false;
  530. }
  531. return true;
  532. });
  533. }
  534. foreach ($oldcustprices as $cp) {
  535. $database->delete('customer_pricing', ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]]);
  536. }
  537. foreach ($newcustprices as $cp) {
  538. if ($database->has('customer_pricing', ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]])) {
  539. $database->update('customer_pricing', ['price' => $cp['price']], ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]]);
  540. } else {
  541. $database->insert('customer_pricing', ['price' => $cp['price'], 'itemid' => $cp['item'], 'customerid' => $customerid]);
  542. }
  543. }
  544. }
  545. returnToSender("customer_saved");
  546. case "set_register":
  547. $regid = $VARS['register'];
  548. if (!$database->has('registers', ['registerid' => $regid])) {
  549. returnToSender("invalid_parameters");
  550. }
  551. if (!$database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {
  552. returnToSender("cash_not_open");
  553. }
  554. $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $regid, 'close' => null]]);
  555. $_SESSION['register'] = (int) $regid;
  556. returnToSender("register_set");
  557. break;
  558. case "opencash":
  559. $regid = $VARS['register'];
  560. $start = $VARS['startamount'];
  561. if (!$database->has('registers', ['registerid' => $regid])) {
  562. returnToSender("invalid_parameters");
  563. }
  564. if ($database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {
  565. returnToSender("cash_already_open");
  566. }
  567. if (!is_numeric($start) || (float) $start < 0) {
  568. $start = 0.0;
  569. }
  570. $database->insert('cash_drawer', [
  571. 'registerid' => $regid,
  572. 'open' => date('Y-m-d H:i:s'),
  573. 'close' => null,
  574. 'start_amount' => $start,
  575. 'end_amount' => null
  576. ]);
  577. returnToSender("cash_opened");
  578. break;
  579. case "closecash":
  580. $regid = $VARS['register'];
  581. if (!$database->has('registers', ['registerid' => $regid])) {
  582. returnToSender("invalid_parameters");
  583. }
  584. if (!$database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {
  585. returnToSender("cash_not_open");
  586. }
  587. $cash = $database->get('cash_drawer', ['cashid', 'start_amount'], ['AND' => ['registerid' => $regid, 'close' => null]]);
  588. $balance = (float) $cash['start_amount'];
  589. $rows = $database->select("payments", [
  590. "[>]transactions" => ['txid' => 'txid']
  591. ], 'amount', [
  592. 'AND' => [
  593. 'transactions.cashid' => $cash['cashid'],
  594. 'payments.type' => 1
  595. ]
  596. ]);
  597. foreach ($rows as $row) {
  598. $balance += $row;
  599. }
  600. $database->update('cash_drawer', [
  601. 'close' => date('Y-m-d H:i:s'),
  602. 'end_amount' => $balance
  603. ], [
  604. 'cashid' => $cash['cashid']
  605. ]);
  606. returnToSender("cash_closed");
  607. break;
  608. case "editregister":
  609. $insert = true;
  610. if (empty($VARS['id'])) {
  611. $insert = true;
  612. } else {
  613. if ($database->has('registers', ['registerid' => $VARS['id']])) {
  614. $insert = false;
  615. } else {
  616. returnToSender("invalid_parameters");
  617. }
  618. }
  619. if (empty($VARS['name'])) {
  620. returnToSender('invalid_parameters');
  621. }
  622. if ($database->has('registers', ['AND' => ['registerid[!]' => $VARS['id'], 'registername' => $VARS['name']]])) {
  623. returnToSender("register_name_taken");
  624. }
  625. $data = [
  626. 'registername' => $VARS['name']
  627. ];
  628. if ($insert) {
  629. $database->insert('registers', $data);
  630. } else {
  631. $database->update('registers', $data, ['registerid' => $VARS['id']]);
  632. }
  633. returnToSender("register_saved");
  634. case "xreport":
  635. $format = "html";
  636. $width = 64;
  637. if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {
  638. $width = (int) $VARS['width'];
  639. }
  640. if (isset($VARS['format'])) {
  641. $format = $VARS['format'];
  642. }
  643. if (!$database->has('cash_drawer', ['AND' => ['registerid' => $VARS['register'], 'open[!]' => null, 'close' => null]])) {
  644. header("Content-Type: application/json");
  645. exit(json_encode(["status" => "ERROR"]));
  646. }
  647. $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_X, $VARS['register']);
  648. exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "X Report"));
  649. break;
  650. case "zreport":
  651. $format = "html";
  652. $width = 64;
  653. if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {
  654. $width = (int) $VARS['width'];
  655. }
  656. if (isset($VARS['format'])) {
  657. $format = $VARS['format'];
  658. }
  659. if (!$database->has('cash_drawer', ['AND' => ['open[!]' => null, 'close[!]' => null, 'cashid' => $VARS['cash']]])) {
  660. header("Content-Type: application/json");
  661. exit(json_encode(["status" => "ERROR"]));
  662. }
  663. $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_Z, $VARS['cash']);
  664. exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "Z Report"));
  665. break;
  666. case "editcertificate":
  667. $insert = true;
  668. $code = $VARS['code'];
  669. $amount = $VARS['balance'];
  670. if (empty($VARS['id'])) {
  671. $insert = true;
  672. } else {
  673. if ($database->has('certificates', ['certid' => $VARS['id']])) {
  674. $insert = false;
  675. } else {
  676. returnToSender("invalid_parameters");
  677. }
  678. }
  679. if ($insert && (empty($code) || $database->has('certificates', ['certcode' => $code]))) {
  680. do {
  681. $code = random_int(100000000000, 999999999999);
  682. } while ($database->has('certificates', ['certcode' => $code]));
  683. }
  684. if (!is_numeric($amount)) {
  685. returnToSender("invalid_parameters");
  686. }
  687. if ($insert) {
  688. $database->insert('certificates', [
  689. 'certcode' => $code,
  690. 'amount' => $amount,
  691. 'start_amount' => $amount,
  692. 'issued' => date('Y-m-d H:i:s'),
  693. 'deleted' => 0]);
  694. returnToSender("card_x_added", $code);
  695. } else {
  696. $database->update('certificates', [
  697. 'certcode' => $code,
  698. 'amount' => $amount
  699. ], [
  700. 'certid' => $VARS['id']
  701. ]);
  702. returnToSender("card_x_saved", $code);
  703. }
  704. break;
  705. case "session_keepalive":
  706. header("Content-Type: application/json");
  707. exit(json_encode(["status" => "OK"]));
  708. case "signout":
  709. session_destroy();
  710. header('Location: index.php?logout=1');
  711. die("Logged out.");
  712. }