An easy point of sale system with automatic inventory tracking. https://netsyms.biz/apps/nickelbox/

functions.php 3.8KB

  1. <?php
  2. /*
  3. * This Source Code Form is subject to the terms of the Mozilla Public
  4. * License, v. 2.0. If a copy of the MPL was not distributed with this
  5. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  6. */
  /**
   * Emit a small JSON document as the HTTP response and end the script.
   *
   * The payload starts from $data (when given). "msg" (when $msg is given) and
   * "status" are then written on top of it, so keys of the same name in $data
   * are overwritten.
   *
   * @param string $msg    Optional message, stored under "msg"
   * @param string $status Stored under "status"; "OK" or "ERROR"
   * @param array  $data   Optional extra fields for the response
   */
  function sendJsonResp(string $msg = null, string $status = "OK", array $data = null) {
      $payload = $data ?? [];
      if ($msg !== null) {
          $payload["msg"] = $msg;
      }
      $payload["status"] = $status;

      header("Content-Type: application/json");
      // The json_encode() result is handed to exit() without a failure check.
      $body = json_encode($payload);
      exit($body);
  }
  /**
   * Send $json as a JSON-encoded HTTP response and end the script.
   *
   * @param array $json Data to encode as the response body
   */
  function exitWithJson(array $json) {
      header("Content-Type: application/json");
      // The json_encode() result is handed to exit() without a failure check.
      $body = json_encode($json);
      exit($body);
  }
  /**
   * Return the API key with everything except its first two and last two
   * characters replaced by "*".
   *
   * Keys of five characters or fewer are returned unchanged, i.e. unmasked.
   * NOTE(review): confirm that callers never log or display keys that short.
   *
   * @global string $key
   * @return string
   */
  function getCensoredKey() {
      global $key;
      $length = strlen($key);
      if ($length <= 5) {
          return $key;
      }
      // Keep two characters at each end and mask the rest.
      return substr($key, 0, 2) . str_repeat("*", $length - 4) . substr($key, -2);
  }
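  /**
   * Decide whether the current request carries valid credentials.
   *
   * HTTP basic auth is used when both PHP_AUTH_USER and PHP_AUTH_PW are
   * non-empty; otherwise the "username" and "password" request variables are
   * checked. Both paths reject accounts that do not exist.
   *
   * @global array $VARS
   * @return bool true if the request should continue, false if the request is bad
   */
  function authenticate(): bool {
      global $VARS;

      // HTTP basic auth
      if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
          $user = User::byUsername($_SERVER['PHP_AUTH_USER']);
          // Reject unknown accounts explicitly, as the form path does, rather
          // than relying on what checkPassword() returns for them.
          if ($user->exists() !== true) {
              return false;
          }
          // NOTE(review): this path verifies the password with
          // User::checkPassword() while the form path goes through
          // Login::auth(). If Login::auth() enforces anything beyond the
          // password (not visible here), confirm whether basic auth should
          // enforce it as well.
          if (!$user->checkPassword($_SERVER['PHP_AUTH_PW'])) {
              return false;
          }
          return true;
      }

      // Form auth
      if (empty($VARS['username']) || empty($VARS['password'])) {
          return false;
      }
      $username = $VARS['username'];
      $password = $VARS['password'];
      $user = User::byUsername($username);
      if ($user->exists() !== true || Login::auth($username, $password) !== Login::LOGIN_OK) {
          return false;
      }
      return true;
  }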
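  /**
   * Get the User whose credentials were used to make the request.
   *
   * The username source is chosen with the same condition authenticate()
   * uses: the basic-auth username counts only when PHP_AUTH_USER and
   * PHP_AUTH_PW are both non-empty, otherwise the "username" request variable
   * is used. This keeps the returned user identical to the one whose
   * password was actually verified.
   *
   * This function performs no credential check of its own.
   *
   * @global array $VARS
   * @return User
   */
  function getRequestUser(): User {
      global $VARS;
      if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
          return User::byUsername($_SERVER['PHP_AUTH_USER']);
      }
      return User::byUsername($VARS['username']);
  }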
  /**
   * Validate request variables in $VARS against a specification and end the
   * request with HTTP 400 when the specification is not met.
   *
   * Each entry of $vars maps a variable name to either a regular expression
   * (a string starting with "/") or a type name T, which is checked by
   * calling is_T(). A name containing " (optional)" is only checked when the
   * variable is non-empty. An entry whose key starts with "OR" holds a nested
   * specification of which at least one variable has to pass.
   *
   * Presence is tested with empty(), so values such as "0" count as missing.
   *
   * @global array $VARS
   * @param array $vars Specification as described above
   * @param bool  $or   true: one passing variable is enough; false: all must pass
   */
  function checkVars($vars, $or = false) {
      global $VARS;
      $ok = [];
      foreach ($vars as $key => $val) {
          // Nested "OR..." group: validated on its own, in any-of mode.
          if (strpos($key, "OR") === 0) {
              checkVars($val, true);
              continue;
          }

          $optional = strpos($key, " (optional)") !== false;
          if ($optional) {
              $key = str_replace(" (optional)", "", $key);
          }
          if (empty($VARS[$key])) {
              // A missing optional variable is skipped without a verdict;
              // a missing required one is recorded as failed.
              if (!$optional) {
                  $ok[$key] = false;
              }
              continue;
          }

          if (strpos($val, "/") === 0) {
              // regex
              $ok[$key] = preg_match($val, $VARS[$key]) === 1;
              continue;
          }
          // NOTE(review): the function name is built from the specification
          // value. Presumably specifications are written by the calling code
          // and never derived from request data; confirm against callers.
          $typeCheck = "is_" . $val;
          $ok[$key] = $typeCheck($VARS[$key]) === true;
      }

      if ($or) {
          // Any-of mode: the first passing variable settles it; otherwise the
          // last failing name (or "" when nothing was checked) is reported.
          $bad = "";
          foreach ($ok as $name => $passed) {
              if ($passed) {
                  return;
              }
              $bad = $name;
          }
          http_response_code(400);
          die("400 Bad request: variable $bad is missing or invalid");
      }

      // All-of mode: the first failing variable ends the request.
      foreach ($ok as $key => $passed) {
          if (!$passed) {
              http_response_code(400);
              die("400 Bad request: variable $key is missing or invalid");
          }
      }
  }