  1. <?php
  2. /* This Source Code Form is subject to the terms of the Mozilla Public
  3. * License, v. 2.0. If a copy of the MPL was not distributed with this
  4. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  5. /**
  6. * Make things happen when buttons are pressed and forms submitted.
  7. */
  8. require_once __DIR__ . "/required.php";
  9. if ($VARS['action'] !== "signout") {
  10. dieifnotloggedin();
  11. }
  12. /**
  13. * Redirects back to the page ID in $_POST/$_GET['source'] with the given message ID.
  14. * The message will be displayed by the app.
  15. * @param string $msg message ID (see lang/messages.php)
  16. * @param string $arg If set, replaces "{arg}" in the message string when displayed to the user.
  17. */
  18. function returnToSender($msg, $arg = "") {
  19. global $VARS;
  20. if ($arg == "") {
  21. header("Location: app.php?page=" . urlencode($VARS['source']) . "&msg=" . $msg);
  22. } else {
  23. header("Location: app.php?page=" . urlencode($VARS['source']) . "&msg=$msg&arg=$arg");
  24. }
  25. die();
  26. }
  27. switch ($VARS['action']) {
  28. case "finish_transaction":
  29. header("Content-Type: application/json");
  30. $error = null;
  31. $oktx = null;
  32. $database->action(function ($database) {
  33. global $VARS, $binstack, $error, $oktx;
  34. if (empty($VARS['items'])) {
  35. $error = $Strings->get("no items", false);
  36. return false;
  37. }
  38. $items = $VARS['items'];
  39. $payments = $VARS['payments'];
  40. $customer = $VARS['customer'];
  41. $register = $VARS['register'];
  42. $discountpercent = $VARS['discountpercent'];
  43. $cashid = null;
  44. $editing = false;
  45. if (isset($VARS['txid']) && $database->has('transactions', ['txid' => $VARS['txid']])) {
  46. $editing = true;
  47. $txid = $VARS['txid'];
  48. $cashid = $database->get('transactions', 'cashid', ['txid' => $txid]);
  49. if (!$database->has('cash_drawer', ['AND' => ['cashid' => $cashid, 'close' => null]])) {
  50. $error = $Strings->get("cash already closed", false);
  51. return false;
  52. }
  53. // Nuke the payments to make room for their replacements
  54. // Delete payments
  55. $oldpayments = $database->select('payments', ['payid', 'amount', 'type', 'certid'], ['txid' => $txid]);
  56. foreach ($oldpayments as $p) {
  57. // Reset gift card balances
  58. if (!is_null($p['certid'])) {
  59. $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $p['certid']]);
  60. }
  61. $database->delete('payments', ['payid' => $p['payid']]);
  62. }
  63. }
  64. if ($customer != "" && !$database->has('customers', ['customerid' => $customer])) {
  65. $error = $Strings->get("invalid customer", false);
  66. return false;
  67. }
  68. if ($register != "" && !$database->has('registers', ['registerid' => $register])) {
  69. $error = $Strings->get("invalid register", false);
  70. return false;
  71. }
  72. if ($register != "" && !$database->has('cash_drawer', ['AND' => ['registerid' => $register, 'close' => null]])) {
  73. $error = $Strings->get("cash not open", false);
  74. return false;
  75. }
  76. if ($register != "" && $editing === false) {
  77. $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $register, 'close' => null]]);
  78. }
  79. $totalcharge = 0.00;
  80. $totalpaid = 0.00;
  81. $change = 0.0;
  82. foreach ($items as $i) {
  83. $totalcharge += $i['each'] * $i['qty'];
  84. if (!$binstack->has('items', ['itemid' => $i['id']])) {
  85. $error = $Strings->get("invalid item", false);
  86. return false;
  87. }
  88. }
  89. foreach ($payments as $p) {
  90. if (!$database->has('payment_types', ['typename' => $p['type']])) {
  91. $error = $Strings->get("invalid payment type", false);
  92. return false;
  93. }
  94. $totalpaid += $p['amount'];
  95. if ($p['type'] == "giftcard") {
  96. if (!$database->has('certificates', ['AND' => ['amount[>=]' => $p['amount'], 'deleted[!]' => 1, 'certcode' => $p['code']]])) {
  97. $error = $Strings->get("invalid giftcard", false);
  98. return false;
  99. }
  100. }
  101. }
  102. if (is_numeric($discountpercent) && $discountpercent > 0 && $discountpercent < 100) {
  103. $discountpercent = $discountpercent * 1.0;
  104. $totalcharge *= 1.0 - ($discountpercent / 100.0);
  105. } else {
  106. $discountpercent = 0.0;
  107. }
  108. if ($totalcharge > $totalpaid) {
  109. $error = $Strings->get("insufficient payment", false);
  110. return false;
  111. }
  112. if ($editing === true) {
  113. $database->update('transactions', [
  114. 'txdate' => date('Y-m-d H:i:s'),
  115. 'customerid' => ($customer != "" ? $customer : null),
  116. 'type' => 1,
  117. 'cashier' => $_SESSION['uid'],
  118. 'cashid' => $cashid,
  119. 'discountpercent' => $discountpercent
  120. ], [
  121. 'txid' => $txid
  122. ]);
  123. } else {
  124. $database->insert('transactions', [
  125. 'txdate' => date('Y-m-d H:i:s'),
  126. 'customerid' => ($customer != "" ? $customer : null),
  127. 'type' => 1,
  128. 'cashier' => $_SESSION['uid'],
  129. 'cashid' => $cashid,
  130. 'discountpercent' => $discountpercent
  131. ]);
  132. $txid = $database->id();
  133. }
  134. $olditems = $database->select('lines', ['itemid (id)', 'qty', 'lineid'], ['txid' => $txid]);
  135. foreach ($items as $i) {
  136. $item = $binstack->get('items', ['name', 'qty'], ['itemid' => $i['id']]);
  137. $database->insert('lines', [
  138. 'txid' => $txid,
  139. 'amount' => $i['each'],
  140. 'name' => $item['name'],
  141. 'itemid' => $i['id'],
  142. 'qty' => $i['qty']
  143. ]);
  144. $binstack->update('items', [
  145. 'qty[-]' => $i['qty']
  146. ], [
  147. 'itemid' => $i['id']
  148. ]);
  149. }
  150. foreach ($payments as $p) {
  151. $certid = null;
  152. if ($p['type'] == "giftcard") {
  153. $certid = $database->get('certificates', 'certid', ['certcode' => $p['code']]);
  154. }
  155. $type = $database->get('payment_types', 'typeid', ['typename' => $p['type']]);
  156. $database->insert('payments', [
  157. 'amount' => $p['amount'],
  158. 'data' => '',
  159. 'type' => $type,
  160. 'txid' => $txid,
  161. 'certid' => $certid
  162. ]);
  163. }
  164. if ($totalcharge < $totalpaid) {
  165. $change = $totalpaid - $totalcharge;
  166. $database->insert('payments', [
  167. 'amount' => $change * -1.0,
  168. 'data' => '',
  169. 'type' => 1,
  170. 'txid' => $txid,
  171. 'certid' => null
  172. ]);
  173. }
  174. foreach ($olditems as $i) {
  175. $database->delete('lines', ['lineid' => $i['lineid']]);
  176. $binstack->update('items', [
  177. 'qty[+]' => $i['qty']
  178. ], [
  179. 'itemid' => $i['id']
  180. ]);
  181. }
  182. $oktx = $txid;
  183. return true;
  184. });
  185. if (!is_null($error)) {
  186. exit(json_encode(["status" => "ERROR", "message" => $error]));
  187. } else {
  188. exit(json_encode(["status" => "OK", "txid" => $oktx]));
  189. }
  190. break;
  191. case "finish_return":
  192. header("Content-Type: application/json");
  193. $error = null;
  194. $oktx = null;
  195. $database->action(function ($database) {
  196. global $VARS, $binstack, $error, $oktx;
  197. $items = $VARS['items'];
  198. $payments = $VARS['payments'];
  199. $customer = $VARS['customer'];
  200. $register = $VARS['register'];
  201. $cashid = null;
  202. if ($customer != "" && !$database->has('customers', ['customerid' => $customer])) {
  203. $error = $Strings->get("invalid customer", false);
  204. return false;
  205. }
  206. if ($register != "" && !$database->has('registers', ['registerid' => $register])) {
  207. $error = $Strings->get("invalid register", false);
  208. return false;
  209. }
  210. if ($register != "" && !$database->has('cash_drawer', ['AND' => ['registerid' => $register, 'close' => null]])) {
  211. $error = $Strings->get("cash not open", false);
  212. return false;
  213. }
  214. if ($register != "") {
  215. $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $register, 'close' => null]]);
  216. }
  217. $totaldue = 0.00;
  218. $totalrefund = 0.00;
  219. foreach ($items as $i) {
  220. $totaldue += $i['each'] * $i['qty'];
  221. if (!$binstack->has('items', ['itemid' => $i['id']])) {
  222. $error = $Strings->get("invalid item", false);
  223. return false;
  224. }
  225. }
  226. foreach ($payments as $p) {
  227. if (!$database->has('payment_types', ['typename' => $p['type']])) {
  228. $error = $Strings->get("invalid payment type", false);
  229. return false;
  230. }
  231. $totalrefund += $p['amount'];
  232. if ($p['type'] == "giftcard") {
  233. if (!$database->has('certificates', ['AND' => ['amount[>=]' => $p['amount'], 'deleted[!]' => 1, 'certcode' => $p['code']]])) {
  234. $error = $Strings->get("invalid giftcard", false);
  235. return false;
  236. }
  237. }
  238. }
  239. $database->insert('transactions', [
  240. 'txdate' => date('Y-m-d H:i:s'),
  241. 'customerid' => ($customer != "" ? $customer : null),
  242. 'type' => 2,
  243. 'cashier' => $_SESSION['uid'],
  244. 'cashid' => $cashid,
  245. 'discountpercent' => 0.0
  246. ]);
  247. $txid = $database->id();
  248. foreach ($items as $i) {
  249. $item = $binstack->get('items', ['name', 'qty'], ['itemid' => $i['id']]);
  250. $database->insert('lines', [
  251. 'txid' => $txid,
  252. 'amount' => $i['each'],
  253. 'name' => $item['name'],
  254. 'itemid' => $i['id'],
  255. 'qty' => $i['qty'] * -1.0
  256. ]);
  257. }
  258. foreach ($payments as $p) {
  259. $certid = null;
  260. if ($p['type'] == "giftcard") {
  261. $certid = $database->get('certificates', 'certid', ['certcode' => $p['code']]);
  262. $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $certid]);
  263. }
  264. $type = $database->get('payment_types', 'typeid', ['typename' => $p['type']]);
  265. $database->insert('payments', [
  266. 'amount' => $p['amount'] * -1.0,
  267. 'data' => '',
  268. 'type' => $type,
  269. 'txid' => $txid,
  270. 'certid' => $certid
  271. ]);
  272. }
  273. $oktx = $txid;
  274. return true;
  275. });
  276. if (!is_null($error)) {
  277. exit(json_encode(["status" => "ERROR", "message" => $error]));
  278. } else {
  279. exit(json_encode(["status" => "OK", "txid" => $oktx]));
  280. }
  281. break;
  282. case "delete_transaction":
  283. header("Content-Type: application/json");
  284. $error = null;
  285. if (isset($VARS['txid']) && $database->has('transactions', ['txid' => $VARS['txid']])) {
  286. $txid = $VARS['txid'];
  287. $cashid = $database->get('transactions', 'cashid', ['txid' => $txid]);
  288. if (!$database->has('cash_drawer', ['AND' => ['cashid' => $cashid, 'close' => null]])) {
  289. $error = $Strings->get("cash already closed", false);
  290. }
  291. $database->action(function ($database) {
  292. global $VARS, $binstack, $error, $txid;
  293. // Delete payments
  294. $payments = $database->select('payments', ['payid', 'amount', 'type', 'certid'], ['txid' => $txid]);
  295. foreach ($payments as $p) {
  296. // Reset gift card balances
  297. if (!is_null($p['certid'])) {
  298. $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $p['certid']]);
  299. }
  300. $database->delete('payments', ['payid' => $p['payid']]);
  301. }
  302. // Delete items/lines
  303. $items = $database->select('lines', ['itemid (id)', 'qty', 'lineid'], ['txid' => $txid]);
  304. foreach ($items as $i) {
  305. $database->delete('lines', ['lineid' => $i['lineid']]);
  306. $binstack->update('items', [
  307. 'qty[+]' => $i['qty']
  308. ], [
  309. 'itemid' => $i['id']
  310. ]);
  311. }
  312. // Delete transaction
  313. $database->delete('transactions', ['txid' => $txid, 'LIMIT' => 1]);
  314. });
  315. } else {
  316. $error = $Strings->get("invalid parameters", false);
  317. }
  318. if (!is_null($error)) {
  319. exit(json_encode(["status" => "ERROR", "message" => $error]));
  320. } else {
  321. exit(json_encode(["status" => "OK"]));
  322. }
  323. break;
  324. case "getreceipt":
  325. require_once __DIR__ . "/lib/generatereceipt.php";
  326. $format = "html";
  327. $width = 48;
  328. if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {
  329. $width = (int) $VARS['width'];
  330. }
  331. if (isset($VARS['format'])) {
  332. $format = $VARS['format'];
  333. }
  334. if (!$database->has('transactions', ['txid' => $VARS['txid']])) {
  335. header("Content-Type: application/json");
  336. exit(json_encode(["status" => "ERROR", "txid" => null]));
  337. }
  338. $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_TRANSACTION, $VARS['txid']);
  339. exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "Tx. #" . $VARS['txid']));
  340. break;
case "transactionsearch":
    // Search transactions (joined with customer, drawer and register) by
    // free-text query and/or date range; returns at most 50 rows as JSON.
    // Each row gains "editable" (drawer still open) and, when a cashier is
    // recorded, a "cashier" object with name and username.
    header("Content-Type: application/json");
    $where = [];
    if (!empty($VARS['q'])) {
        // Exact txid match, or Medoo-style LIKE ([~]) on the joined customer
        // columns. Values are bound as parameters; "%" / "_" in the query act
        // as LIKE wildcards.
        $where["AND"]["OR"] = [
            "txid" => $VARS['q'],
            "name[~]" => $VARS['q'],
            "email[~]" => $VARS['q'],
            "phone[~]" => $VARS['q']
        ];
    }
    // Default window: Jan 1 2000 up to now; overridden by any parseable start/end.
    $start = date('Y-m-d H:i:s', 946684800); // Jan 1 2000
    $end = date('Y-m-d H:i:s');
    if (!empty($VARS['start']) && strtotime($VARS['start']) !== FALSE) {
        $start = date('Y-m-d H:i:s', strtotime($VARS['start']));
    }
    if (!empty($VARS['end']) && strtotime($VARS['end']) !== FALSE) {
        $end = date('Y-m-d H:i:s', strtotime($VARS['end']));
    }
    $where["AND"]['txdate[>=]'] = $start;
    $where["AND"]['txdate[<=]'] = $end;
    $where["LIMIT"] = 50;
    $transactions = $database->select('transactions', [
        '[>]customers' => 'customerid',
        '[>]cash_drawer' => 'cashid',
        '[>]registers' => ['cash_drawer.registerid' => 'registerid'],
    ], [
        'txid',
        'txdate',
        'type',
        'cashier (cashierid)',
        'transactions.cashid',
        'cash_drawer.registerid',
        'registers.registername',
        'cash_drawer.open',
        'cash_drawer.close',
        'customerid',
        'customer' => [
            'name',
            'email',
            'phone',
            'address'
        ]], $where);
    for ($i = 0; $i < count($transactions); $i++) {
        // Editable only while the associated drawer has been opened and not yet closed.
        if (is_null($transactions[$i]['close']) && !is_null($transactions[$i]['open'])) {
            $transactions[$i]['editable'] = true;
        } else {
            $transactions[$i]['editable'] = false;
        }
        if (!is_null($transactions[$i]['cashierid'])) {
            // Replace the raw cashier id with display data (one User lookup per row).
            $cashier = new User($transactions[$i]['cashierid']);
            $transactions[$i]['cashier'] = [
                "name" => $cashier->getName(),
                "username" => $cashier->getUsername()
            ];
        }
    }
    // The client expects `false` rather than an empty list when nothing matched.
    $transactions = (count($transactions) > 0 ? $transactions : false);
    exit(json_encode(["status" => "OK", "transactions" => $transactions]));
  400. case "itemsearch":
  401. header("Content-Type: application/json");
  402. if (!is_empty($VARS['q'])) {
  403. $where["AND"]["OR"] = [
  404. "name[~]" => $VARS['q'],
  405. "code1[~]" => $VARS['q'],
  406. "code2[~]" => $VARS['q']
  407. ];
  408. } else {
  409. exit(json_encode(["status" => "ERROR", "items" => false]));
  410. }
  411. $items = $binstack->select('items', [
  412. 'itemid (id)',
  413. 'name',
  414. 'code1',
  415. 'code2',
  416. 'cost',
  417. 'price'
  418. ], $where);
  419. if (!empty($VARS['customer']) && $database->has('customers', ['customerid' => $VARS['customer']])) {
  420. for ($n = 0; $n < count($items); $n++) {
  421. $i = $items[$n];
  422. if ($database->has('customer_pricing', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]])) {
  423. $items[$n]['price'] = $database->get('customer_pricing', 'price', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]]);
  424. }
  425. }
  426. }
  427. $items = (count($items) > 0 ? $items : false);
  428. exit(json_encode(["status" => "OK", "items" => $items]));
  429. case "getgriditems":
  430. header("Content-Type: application/json");
  431. $items = $binstack->select('items', [
  432. 'itemid (id)', 'name', 'price', 'code1', 'code2'
  433. ], [
  434. 'AND' => ['price[!]' => null, 'price[!]' => 0]
  435. ]);
  436. if (!empty($VARS['customer']) && $database->has('customers', ['customerid' => $VARS['customer']])) {
  437. for ($n = 0; $n < count($items); $n++) {
  438. $i = $items[$n];
  439. if ($database->has('customer_pricing', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]])) {
  440. $items[$n]['price'] = $database->get('customer_pricing', 'price', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]]);
  441. }
  442. }
  443. }
  444. for ($n = 0; $n < count($items); $n++) {
  445. if ($items[$n]['code1'] != "") {
  446. $items[$n]['code'] = $items[$n]["code1"];
  447. } else if ($items[$n]['code1'] == "" && $items[$n]['code1'] != "") {
  448. $items[$n]['code'] = $items[$n]["code2"];
  449. } else if (code == "") {
  450. $items[$n]['code'] = "---";
  451. }
  452. }
  453. $items = (count($items) > 0 ? $items : false);
  454. exit(json_encode(["status" => "OK", "items" => $items]));
  455. case "customersearch":
  456. header("Content-Type: application/json");
  457. if (!is_empty($VARS['q'])) {
  458. $where["AND"]["OR"] = [
  459. "customerid" => $VARS['q'],
  460. "name[~]" => $VARS['q'],
  461. "email[~]" => $VARS['q'],
  462. "phone[~]" => $VARS['q']
  463. ];
  464. } else {
  465. exit(json_encode(["status" => "ERROR", "customers" => false]));
  466. }
  467. $where["LIMIT"] = 10;
  468. $customers = $database->select('customers', [
  469. 'customerid (id)',
  470. 'name',
  471. 'email',
  472. 'phone',
  473. 'address',
  474. 'notes'
  475. ], $where);
  476. $customers = (count($customers) > 0 ? $customers : false);
  477. exit(json_encode(["status" => "OK", "customers" => $customers]));
  478. case "giftcard_lookup":
  479. header("Content-Type: application/json");
  480. $code = $VARS['code'];
  481. if (empty($code)) {
  482. exit(json_encode(["status" => "ERROR", "cards" => []]));
  483. }
  484. $cards = $database->select('certificates', ['certid (id)', 'certcode (code)', 'amount (balance)', 'start_amount (amount)'], ['certcode' => $code]);
  485. exit(json_encode(["status" => "OK", "cards" => $cards]));
  486. break;
  487. case "editcustomer":
  488. $insert = true;
  489. if (is_empty($VARS['id'])) {
  490. $insert = true;
  491. } else {
  492. if ($database->has('customers', ['customerid' => $VARS['id']])) {
  493. $insert = false;
  494. } else {
  495. returnToSender("invalid_customerid");
  496. }
  497. }
  498. if (is_empty($VARS['name'])) {
  499. returnToSender('invalid_parameters');
  500. }
  501. $data = [
  502. 'name' => $VARS['name'],
  503. 'email' => $VARS['email'],
  504. 'phone' => $VARS['phone'],
  505. 'address' => $VARS['address'],
  506. 'notes' => $VARS['notes']
  507. ];
  508. $customerid = null;
  509. if ($insert) {
  510. $database->insert('customers', $data);
  511. $customerid = $database->id();
  512. } else {
  513. $database->update('customers', $data, ['customerid' => $VARS['id']]);
  514. $customerid = $VARS['id'];
  515. }
  516. if (!is_null($customerid)) {
  517. $custprices = $VARS['pricing'];
  518. $newcustprices = [];
  519. $oldcustprices = $database->select('customer_pricing', ['itemid (item)', 'price'], ['customerid' => $customerid]);
  520. foreach ($custprices as $cp) {
  521. if (!$binstack->has('items', ['itemid' => $cp['item']])) {
  522. continue;
  523. }
  524. if (!is_numeric($cp['price'])) {
  525. continue;
  526. }
  527. $newcustprices[] = $cp;
  528. $oldcustprices = array_filter($oldcustprices, function ($var) {
  529. if ($cp['item'] == $var['item']) {
  530. return false;
  531. }
  532. return true;
  533. });
  534. }
  535. foreach ($oldcustprices as $cp) {
  536. $database->delete('customer_pricing', ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]]);
  537. }
  538. foreach ($newcustprices as $cp) {
  539. if ($database->has('customer_pricing', ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]])) {
  540. $database->update('customer_pricing', ['price' => $cp['price']], ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]]);
  541. } else {
  542. $database->insert('customer_pricing', ['price' => $cp['price'], 'itemid' => $cp['item'], 'customerid' => $customerid]);
  543. }
  544. }
  545. }
  546. returnToSender("customer_saved");
  547. case "set_register":
  548. $regid = $VARS['register'];
  549. if (!$database->has('registers', ['registerid' => $regid])) {
  550. returnToSender("invalid_parameters");
  551. }
  552. if (!$database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {
  553. returnToSender("cash_not_open");
  554. }
  555. $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $regid, 'close' => null]]);
  556. $_SESSION['register'] = (int) $regid;
  557. returnToSender("register_set");
  558. break;
  559. case "opencash":
  560. $regid = $VARS['register'];
  561. $start = $VARS['startamount'];
  562. if (!$database->has('registers', ['registerid' => $regid])) {
  563. returnToSender("invalid_parameters");
  564. }
  565. if ($database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {
  566. returnToSender("cash_already_open");
  567. }
  568. if (!is_numeric($start) || (float) $start < 0) {
  569. $start = 0.0;
  570. }
  571. $database->insert('cash_drawer', [
  572. 'registerid' => $regid,
  573. 'open' => date('Y-m-d H:i:s'),
  574. 'close' => null,
  575. 'start_amount' => $start,
  576. 'end_amount' => null
  577. ]);
  578. returnToSender("cash_opened");
  579. break;
case "closecash":
    // Close the open drawer for $VARS['register']: stamp the closing time and
    // record the expected balance = start_amount plus every type-1 payment
    // (the type finish_transaction uses when recording change, presumably
    // cash) on transactions tied to this drawer.
    $regid = $VARS['register'];
    if (!$database->has('registers', ['registerid' => $regid])) {
        returnToSender("invalid_parameters");
    }
    if (!$database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {
        returnToSender("cash_not_open");
    }
    $cash = $database->get('cash_drawer', ['cashid', 'start_amount'], ['AND' => ['registerid' => $regid, 'close' => null]]);
    $balance = (float) $cash['start_amount'];
    // Single-column select: each $row appears to be the bare 'amount' value
    // (negative rows are change handed out, so the sum nets correctly).
    $rows = $database->select("payments", [
        "[>]transactions" => ['txid' => 'txid']
    ], 'amount', [
        'AND' => [
            'transactions.cashid' => $cash['cashid'],
            'payments.type' => 1
        ]
    ]);
    foreach ($rows as $row) {
        $balance += $row;
    }
    $database->update('cash_drawer', [
        'close' => date('Y-m-d H:i:s'),
        'end_amount' => $balance
    ], [
        'cashid' => $cash['cashid']
    ]);
    returnToSender("cash_closed");
    break;
  609. case "editregister":
  610. $insert = true;
  611. if (empty($VARS['id'])) {
  612. $insert = true;
  613. } else {
  614. if ($database->has('registers', ['registerid' => $VARS['id']])) {
  615. $insert = false;
  616. } else {
  617. returnToSender("invalid_parameters");
  618. }
  619. }
  620. if (is_empty($VARS['name'])) {
  621. returnToSender('invalid_parameters');
  622. }
  623. if ($database->has('registers', ['AND' => ['registerid[!]' => $VARS['id'], 'registername' => $VARS['name']]])) {
  624. returnToSender("register_name_taken");
  625. }
  626. $data = [
  627. 'registername' => $VARS['name']
  628. ];
  629. if ($insert) {
  630. $database->insert('registers', $data);
  631. } else {
  632. $database->update('registers', $data, ['registerid' => $VARS['id']]);
  633. }
  634. returnToSender("register_saved");
  635. case "xreport":
  636. require_once __DIR__ . "/lib/generatereceipt.php";
  637. $format = "html";
  638. $width = 64;
  639. if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {
  640. $width = (int) $VARS['width'];
  641. }
  642. if (isset($VARS['format'])) {
  643. $format = $VARS['format'];
  644. }
  645. if (!$database->has('cash_drawer', ['AND' => ['registerid' => $VARS['register'], 'open[!]' => null, 'close' => null]])) {
  646. header("Content-Type: application/json");
  647. exit(json_encode(["status" => "ERROR"]));
  648. }
  649. $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_X, $VARS['register']);
  650. exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "X Report"));
  651. break;
  652. case "zreport":
  653. require_once __DIR__ . "/lib/generatereceipt.php";
  654. $format = "html";
  655. $width = 64;
  656. if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {
  657. $width = (int) $VARS['width'];
  658. }
  659. if (isset($VARS['format'])) {
  660. $format = $VARS['format'];
  661. }
  662. if (!$database->has('cash_drawer', ['AND' => ['open[!]' => null, 'close[!]' => null, 'cashid' => $VARS['cash']]])) {
  663. header("Content-Type: application/json");
  664. exit(json_encode(["status" => "ERROR"]));
  665. }
  666. $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_Z, $VARS['cash']);
  667. exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "Z Report"));
  668. break;
case "editcertificate":
    // Create (empty $VARS['id']) or update a gift card. On insert, a missing or
    // already-used code is replaced by a freshly generated unique 12-digit one.
    // Redirects via returnToSender with the card code as the message argument.
    $insert = true;
    $code = $VARS['code'];
    $amount = $VARS['balance'];
    if (empty($VARS['id'])) {
        $insert = true;
    } else {
        if ($database->has('certificates', ['certid' => $VARS['id']])) {
            $insert = false;
        } else {
            returnToSender("invalid_parameters");
        }
    }
    // random_int() is the CSPRNG, which is appropriate since the code alone
    // grants access to the card's balance (see giftcard_lookup / payments).
    // NOTE(review): this regeneration runs only on insert; on update the
    // request-supplied $code is written as-is, with no emptiness or uniqueness
    // check against other cards — confirm that is intended.
    if ($insert && (is_empty($code) || $database->has('certificates', ['certcode' => $code]))) {
        do {
            $code = random_int(100000000000, 999999999999);
        } while ($database->has('certificates', ['certcode' => $code]));
    }
    if (!is_numeric($amount)) {
        returnToSender("invalid_parameters");
    }
    if ($insert) {
        // start_amount keeps the issued value; amount is the running balance.
        $database->insert('certificates', [
            'certcode' => $code,
            'amount' => $amount,
            'start_amount' => $amount,
            'issued' => date('Y-m-d H:i:s'),
            'deleted' => 0]);
        returnToSender("card_x_added", $code);
    } else {
        // Editing sets the balance directly; start_amount is left untouched.
        $database->update('certificates', [
            'certcode' => $code,
            'amount' => $amount
        ], [
            'certid' => $VARS['id']
        ]);
        returnToSender("card_x_saved", $code);
    }
    break;
  708. case "session_keepalive":
  709. header("Content-Type: application/json");
  710. exit(json_encode(["status" => "OK"]));
case "signout":
    // Tear down the server-side session and send the browser to the login page.
    // NOTE(review): session_destroy() removes the stored session data but does
    // not clear $_SESSION for the rest of this request or expire the client's
    // session cookie; confirm the cookie/regeneration policy lives in required.php.
    session_destroy();
    header('Location: index.php');
    die("Logged out.");
}