Business
/
NickelBox
Seguir 1
Destacar 0
Fork 0
Código Incidencias 7 Peticiones pull 0 Lanzamientos 0 Wiki Actividad
An easy point of sale system with automatic inventory tracking. https://netsyms.biz/apps/nickelbox/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
181 Commits
1 Rama
Árbol: d8613f0baa
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'd8613f0baa'
${ noResults }
NickelBox/action.php

action.php 30KB
Original Blame Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783 
  1. <?php

  2. 

  3. /* This Source Code Form is subject to the terms of the Mozilla Public

  4.  * License, v. 2.0. If a copy of the MPL was not distributed with this

  5.  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

  6. 

  7. /**

  8.  * Make things happen when buttons are pressed and forms submitted.

  9.  */

  10. require_once __DIR__ . "/required.php";

  11. 

  12. if ($VARS['action'] !== "signout") {

  13.     dieifnotloggedin();

  14. }

  15. 

  16. /**

  17.  * Redirects back to the page ID in $_POST/$_GET['source'] with the given message ID.

  18.  * The message will be displayed by the app.

  19.  * @param string $msg message ID (see lang/messages.php)

  20.  * @param string $arg If set, replaces "{arg}" in the message string when displayed to the user.

  21.  */

  22. function returnToSender($msg, $arg = "") {

  23.     global $VARS;

  24.     if ($arg == "") {

  25.         header("Location: app.php?page=" . urlencode($VARS['source']) . "&msg=" . $msg);

  26.     } else {

  27.         header("Location: app.php?page=" . urlencode($VARS['source']) . "&msg=$msg&arg=$arg");

  28.     }

  29.     die();

  30. }

  31. 

  32. switch ($VARS['action']) {

  33.     case "finish_transaction":

  34.         header("Content-Type: application/json");

  35.         $error = null;

  36.         $oktx = null;

  37.         $database->action(function ($database) {

  38.             global $VARS, $binstack, $error, $oktx;

  39. 

  40.             if (empty($VARS['items'])) {

  41.                 $error = $Strings->get("no items", false);

  42.                 return false;

  43.             }

  44. 

  45.             $items = $VARS['items'];

  46.             $payments = $VARS['payments'];

  47.             $customer = $VARS['customer'];

  48.             $register = $VARS['register'];

  49.             $discountpercent = $VARS['discountpercent'];

  50.             $cashid = null;

  51.             $editing = false;

  52. 

  53.             if (isset($VARS['txid']) && $database->has('transactions', ['txid' => $VARS['txid']])) {

  54.                 $editing = true;

  55.                 $txid = $VARS['txid'];

  56.                 $cashid = $database->get('transactions', 'cashid', ['txid' => $txid]);

  57.                 if (!$database->has('cash_drawer', ['AND' => ['cashid' => $cashid, 'close' => null]])) {

  58.                     $error = $Strings->get("cash already closed", false);

  59.                     return false;

  60.                 }

  61.                 // Nuke the payments to make room for their replacements

  62.                 // Delete payments

  63.                 $oldpayments = $database->select('payments', ['payid', 'amount', 'type', 'certid'], ['txid' => $txid]);

  64.                 foreach ($oldpayments as $p) {

  65.                     // Reset gift card balances

  66.                     if (!is_null($p['certid'])) {

  67.                         $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $p['certid']]);

  68.                     }

  69.                     $database->delete('payments', ['payid' => $p['payid']]);

  70.                 }

  71.             }

  72. 

  73.             if ($customer != "" && !$database->has('customers', ['customerid' => $customer])) {

  74.                 $error = $Strings->get("invalid customer", false);

  75.                 return false;

  76.             }

  77.             if ($register != "" && !$database->has('registers', ['registerid' => $register])) {

  78.                 $error = $Strings->get("invalid register", false);

  79.                 return false;

  80.             }

  81.             if ($register != "" && !$database->has('cash_drawer', ['AND' => ['registerid' => $register, 'close' => null]])) {

  82.                 $error = $Strings->get("cash not open", false);

  83.                 return false;

  84.             }

  85. 

  86.             if ($register != "" && $editing === false) {

  87.                 $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $register, 'close' => null]]);

  88.             }

  89. 

  90.             $totalcharge = 0.00;

  91.             $totalpaid = 0.00;

  92.             $change = 0.0;

  93.             foreach ($items as $i) {

  94.                 $totalcharge += $i['each'] * $i['qty'];

  95.                 if (!$binstack->has('items', ['itemid' => $i['id']])) {

  96.                     $error = $Strings->get("invalid item", false);

  97.                     return false;

  98.                 }

  99.             }

  100.             foreach ($payments as $p) {

  101.                 if (!$database->has('payment_types', ['typename' => $p['type']])) {

  102.                     $error = $Strings->get("invalid payment type", false);

  103.                     return false;

  104.                 }

  105.                 $totalpaid += $p['amount'];

  106.                 if ($p['type'] == "giftcard") {

  107.                     if (!$database->has('certificates', ['AND' => ['amount[>=]' => $p['amount'], 'deleted[!]' => 1, 'certcode' => $p['code']]])) {

  108.                         $error = $Strings->get("invalid giftcard", false);

  109.                         return false;

  110.                     }

  111.                 }

  112.             }

  113. 

  114.             if (is_numeric($discountpercent) && $discountpercent > 0 && $discountpercent < 100) {

  115.                 $discountpercent = $discountpercent * 1.0;

  116.                 $totalcharge *= 1.0 - ($discountpercent / 100.0);

  117.             } else {

  118.                 $discountpercent = 0.0;

  119.             }

  120. 

  121.             if ($totalcharge > $totalpaid) {

  122.                 $error = $Strings->get("insufficient payment", false);

  123.                 return false;

  124.             }

  125. 

  126. 

  127.             if ($editing === true) {

  128.                 $database->update('transactions', [

  129.                     'txdate' => date('Y-m-d H:i:s'),

  130.                     'customerid' => ($customer != "" ? $customer : null),

  131.                     'type' => 1,

  132.                     'cashier' => $_SESSION['uid'],

  133.                     'cashid' => $cashid,

  134.                     'discountpercent' => $discountpercent

  135.                         ], [

  136.                     'txid' => $txid

  137.                 ]);

  138.             } else {

  139.                 $database->insert('transactions', [

  140.                     'txdate' => date('Y-m-d H:i:s'),

  141.                     'customerid' => ($customer != "" ? $customer : null),

  142.                     'type' => 1,

  143.                     'cashier' => $_SESSION['uid'],

  144.                     'cashid' => $cashid,

  145.                     'discountpercent' => $discountpercent

  146.                 ]);

  147.                 $txid = $database->id();

  148.             }

  149. 

  150.             $olditems = $database->select('lines', ['itemid (id)', 'qty', 'lineid'], ['txid' => $txid]);

  151.             foreach ($items as $i) {

  152.                 $item = $binstack->get('items', ['name', 'qty'], ['itemid' => $i['id']]);

  153. 

  154.                 $database->insert('lines', [

  155.                     'txid' => $txid,

  156.                     'amount' => $i['each'],

  157.                     'name' => $item['name'],

  158.                     'itemid' => $i['id'],

  159.                     'qty' => $i['qty']

  160.                 ]);

  161.                 $binstack->update('items', [

  162.                     'qty[-]' => $i['qty']

  163.                         ], [

  164.                     'itemid' => $i['id']

  165.                 ]);

  166.             }

  167. 

  168.             foreach ($payments as $p) {

  169.                 $certid = null;

  170.                 if ($p['type'] == "giftcard") {

  171.                     $certid = $database->get('certificates', 'certid', ['certcode' => $p['code']]);

  172.                 }

  173.                 $type = $database->get('payment_types', 'typeid', ['typename' => $p['type']]);

  174.                 $database->insert('payments', [

  175.                     'amount' => $p['amount'],

  176.                     'data' => '',

  177.                     'type' => $type,

  178.                     'txid' => $txid,

  179.                     'certid' => $certid

  180.                 ]);

  181.             }

  182. 

  183.             if ($totalcharge < $totalpaid) {

  184.                 $change = $totalpaid - $totalcharge;

  185.                 $database->insert('payments', [

  186.                     'amount' => $change * -1.0,

  187.                     'data' => '',

  188.                     'type' => 1,

  189.                     'txid' => $txid,

  190.                     'certid' => null

  191.                 ]);

  192.             }

  193. 

  194.             foreach ($olditems as $i) {

  195.                 $database->delete('lines', ['lineid' => $i['lineid']]);

  196.                 $binstack->update('items', [

  197.                     'qty[+]' => $i['qty']

  198.                         ], [

  199.                     'itemid' => $i['id']

  200.                 ]);

  201.             }

  202. 

  203.             $oktx = $txid;

  204.             return true;

  205.         });

  206. 

  207.         if (!is_null($error)) {

  208.             exit(json_encode(["status" => "ERROR", "message" => $error]));

  209.         } else {

  210.             exit(json_encode(["status" => "OK", "txid" => $oktx]));

  211.         }

  212.         break;

  213.     case "finish_return":

  214.         header("Content-Type: application/json");

  215.         $error = null;

  216.         $oktx = null;

  217.         $database->action(function ($database) {

  218.             global $VARS, $binstack, $error, $oktx;

  219. 

  220.             $items = $VARS['items'];

  221.             $payments = $VARS['payments'];

  222.             $customer = $VARS['customer'];

  223.             $register = $VARS['register'];

  224.             $cashid = null;

  225. 

  226.             if ($customer != "" && !$database->has('customers', ['customerid' => $customer])) {

  227.                 $error = $Strings->get("invalid customer", false);

  228.                 return false;

  229.             }

  230.             if ($register != "" && !$database->has('registers', ['registerid' => $register])) {

  231.                 $error = $Strings->get("invalid register", false);

  232.                 return false;

  233.             }

  234.             if ($register != "" && !$database->has('cash_drawer', ['AND' => ['registerid' => $register, 'close' => null]])) {

  235.                 $error = $Strings->get("cash not open", false);

  236.                 return false;

  237.             }

  238. 

  239.             if ($register != "") {

  240.                 $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $register, 'close' => null]]);

  241.             }

  242. 

  243.             $totaldue = 0.00;

  244.             $totalrefund = 0.00;

  245.             foreach ($items as $i) {

  246.                 $totaldue += $i['each'] * $i['qty'];

  247.                 if (!$binstack->has('items', ['itemid' => $i['id']])) {

  248.                     $error = $Strings->get("invalid item", false);

  249.                     return false;

  250.                 }

  251.             }

  252.             foreach ($payments as $p) {

  253.                 if (!$database->has('payment_types', ['typename' => $p['type']])) {

  254.                     $error = $Strings->get("invalid payment type", false);

  255.                     return false;

  256.                 }

  257.                 $totalrefund += $p['amount'];

  258.                 if ($p['type'] == "giftcard") {

  259.                     if (!$database->has('certificates', ['AND' => ['amount[>=]' => $p['amount'], 'deleted[!]' => 1, 'certcode' => $p['code']]])) {

  260.                         $error = $Strings->get("invalid giftcard", false);

  261.                         return false;

  262.                     }

  263.                 }

  264.             }

  265. 

  266.             $database->insert('transactions', [

  267.                 'txdate' => date('Y-m-d H:i:s'),

  268.                 'customerid' => ($customer != "" ? $customer : null),

  269.                 'type' => 2,

  270.                 'cashier' => $_SESSION['uid'],

  271.                 'cashid' => $cashid,

  272.                 'discountpercent' => 0.0

  273.             ]);

  274.             $txid = $database->id();

  275. 

  276.             foreach ($items as $i) {

  277.                 $item = $binstack->get('items', ['name', 'qty'], ['itemid' => $i['id']]);

  278. 

  279.                 $database->insert('lines', [

  280.                     'txid' => $txid,

  281.                     'amount' => $i['each'],

  282.                     'name' => $item['name'],

  283.                     'itemid' => $i['id'],

  284.                     'qty' => $i['qty'] * -1.0

  285.                 ]);

  286.             }

  287. 

  288.             foreach ($payments as $p) {

  289.                 $certid = null;

  290.                 if ($p['type'] == "giftcard") {

  291.                     $certid = $database->get('certificates', 'certid', ['certcode' => $p['code']]);

  292.                     $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $certid]);

  293.                 }

  294.                 $type = $database->get('payment_types', 'typeid', ['typename' => $p['type']]);

  295.                 $database->insert('payments', [

  296.                     'amount' => $p['amount'] * -1.0,

  297.                     'data' => '',

  298.                     'type' => $type,

  299.                     'txid' => $txid,

  300.                     'certid' => $certid

  301.                 ]);

  302.             }

  303. 

  304.             $oktx = $txid;

  305.             return true;

  306.         });

  307. 

  308.         if (!is_null($error)) {

  309.             exit(json_encode(["status" => "ERROR", "message" => $error]));

  310.         } else {

  311.             exit(json_encode(["status" => "OK", "txid" => $oktx]));

  312.         }

  313.         break;

  314.     case "delete_transaction":

  315.         header("Content-Type: application/json");

  316.         $error = null;

  317.         if (isset($VARS['txid']) && $database->has('transactions', ['txid' => $VARS['txid']])) {

  318.             $txid = $VARS['txid'];

  319.             $cashid = $database->get('transactions', 'cashid', ['txid' => $txid]);

  320.             if (!$database->has('cash_drawer', ['AND' => ['cashid' => $cashid, 'close' => null]])) {

  321.                 $error = $Strings->get("cash already closed", false);

  322.             }

  323. 

  324.             $database->action(function ($database) {

  325.                 global $VARS, $binstack, $error, $txid;

  326. 

  327.                 // Delete payments

  328.                 $payments = $database->select('payments', ['payid', 'amount', 'type', 'certid'], ['txid' => $txid]);

  329.                 foreach ($payments as $p) {

  330.                     // Reset gift card balances

  331.                     if (!is_null($p['certid'])) {

  332.                         $database->update('certificates', ['amount[+]' => $p['amount']], ['certid' => $p['certid']]);

  333.                     }

  334.                     $database->delete('payments', ['payid' => $p['payid']]);

  335.                 }

  336. 

  337.                 // Delete items/lines

  338.                 $items = $database->select('lines', ['itemid (id)', 'qty', 'lineid'], ['txid' => $txid]);

  339.                 foreach ($items as $i) {

  340.                     $database->delete('lines', ['lineid' => $i['lineid']]);

  341.                     $binstack->update('items', [

  342.                         'qty[+]' => $i['qty']

  343.                             ], [

  344.                         'itemid' => $i['id']

  345.                     ]);

  346.                 }

  347. 

  348.                 // Delete transaction

  349.                 $database->delete('transactions', ['txid' => $txid, 'LIMIT' => 1]);

  350.             });

  351.         } else {

  352.             $error = $Strings->get("invalid parameters", false);

  353.         }

  354.         if (!is_null($error)) {

  355.             exit(json_encode(["status" => "ERROR", "message" => $error]));

  356.         } else {

  357.             exit(json_encode(["status" => "OK"]));

  358.         }

  359.         break;

  360.     case "getreceipt":

  361.         require_once __DIR__ . "/lib/generatereceipt.php";

  362.         $format = "html";

  363.         $width = 48;

  364.         if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {

  365.             $width = (int) $VARS['width'];

  366.         }

  367.         if (isset($VARS['format'])) {

  368.             $format = $VARS['format'];

  369.         }

  370.         if (!$database->has('transactions', ['txid' => $VARS['txid']])) {

  371.             header("Content-Type: application/json");

  372.             exit(json_encode(["status" => "ERROR", "txid" => null]));

  373.         }

  374. 

  375.         $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_TRANSACTION, $VARS['txid']);

  376. 

  377.         exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "Tx. #" . $VARS['txid']));

  378.         break;

  379.     case "transactionsearch":

  380.         header("Content-Type: application/json");

  381.         $where = [];

  382.         if (!empty($VARS['q'])) {

  383.             $where["AND"]["OR"] = [

  384.                 "txid" => $VARS['q'],

  385.                 "name[~]" => $VARS['q'],

  386.                 "email[~]" => $VARS['q'],

  387.                 "phone[~]" => $VARS['q']

  388.             ];

  389.         }

  390.         $start = date('Y-m-d H:i:s', 946684800); // Jan 1 2000

  391.         $end = date('Y-m-d H:i:s');

  392.         if (!empty($VARS['start']) && strtotime($VARS['start']) !== FALSE) {

  393.             $start = date('Y-m-d H:i:s', strtotime($VARS['start']));

  394.         }

  395.         if (!empty($VARS['end']) && strtotime($VARS['end']) !== FALSE) {

  396.             $end = date('Y-m-d H:i:s', strtotime($VARS['end']));

  397.         }

  398.         $where["AND"]['txdate[>=]'] = $start;

  399.         $where["AND"]['txdate[<=]'] = $end;

  400.         $where["LIMIT"] = 50;

  401. 

  402.         $transactions = $database->select('transactions', [

  403.             '[>]customers' => 'customerid',

  404.             '[>]cash_drawer' => 'cashid',

  405.             '[>]registers' => ['cash_drawer.registerid' => 'registerid'],

  406.                 ], [

  407.             'txid',

  408.             'txdate',

  409.             'type',

  410.             'cashier (cashierid)',

  411.             'transactions.cashid',

  412.             'cash_drawer.registerid',

  413.             'registers.registername',

  414.             'cash_drawer.open',

  415.             'cash_drawer.close',

  416.             'customerid',

  417.             'customer' => [

  418.                 'name',

  419.                 'email',

  420.                 'phone',

  421.                 'address'

  422.             ]], $where);

  423. 

  424.         for ($i = 0; $i < count($transactions); $i++) {

  425.             if (is_null($transactions[$i]['close']) && !is_null($transactions[$i]['open'])) {

  426.                 $transactions[$i]['editable'] = true;

  427.             } else {

  428.                 $transactions[$i]['editable'] = false;

  429.             }

  430.             if (!is_null($transactions[$i]['cashierid'])) {

  431.                 $cashier = new User($transactions[$i]['cashierid']);

  432.                 $transactions[$i]['cashier'] = [

  433.                     "name" => $cashier->getName(),

  434.                     "username" => $cashier->getUsername()

  435.                 ];

  436.             }

  437.         }

  438.         $transactions = (count($transactions) > 0 ? $transactions : false);

  439.         exit(json_encode(["status" => "OK", "transactions" => $transactions]));

  440.     case "itemsearch":

  441.         header("Content-Type: application/json");

  442.         if (!is_empty($VARS['q'])) {

  443.             $where["AND"]["OR"] = [

  444.                 "name[~]" => $VARS['q'],

  445.                 "code1[~]" => $VARS['q'],

  446.                 "code2[~]" => $VARS['q']

  447.             ];

  448.         } else {

  449.             exit(json_encode(["status" => "ERROR", "items" => false]));

  450.         }

  451. 

  452.         $items = $binstack->select('items', [

  453.             'itemid (id)',

  454.             'name',

  455.             'code1',

  456.             'code2',

  457.             'cost',

  458.             'price'

  459.                 ], $where);

  460. 

  461.         if (!empty($VARS['customer']) && $database->has('customers', ['customerid' => $VARS['customer']])) {

  462.             for ($n = 0; $n < count($items); $n++) {

  463.                 $i = $items[$n];

  464.                 if ($database->has('customer_pricing', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]])) {

  465.                     $items[$n]['price'] = $database->get('customer_pricing', 'price', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]]);

  466.                 }

  467.             }

  468.         }

  469. 

  470.         $items = (count($items) > 0 ? $items : false);

  471.         exit(json_encode(["status" => "OK", "items" => $items]));

  472.     case "getgriditems":

  473.         header("Content-Type: application/json");

  474.         $items = $binstack->select('items', [

  475.             'itemid (id)', 'name', 'price', 'code1', 'code2'

  476.                 ], [

  477.             'AND' => ['price[!]' => null, 'price[!]' => 0]

  478.         ]);

  479. 

  480.         if (!empty($VARS['customer']) && $database->has('customers', ['customerid' => $VARS['customer']])) {

  481.             for ($n = 0; $n < count($items); $n++) {

  482.                 $i = $items[$n];

  483.                 if ($database->has('customer_pricing', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]])) {

  484.                     $items[$n]['price'] = $database->get('customer_pricing', 'price', ['AND' => ['itemid' => $i['id'], 'customerid' => $VARS['customer']]]);

  485.                 }

  486.             }

  487.         }

  488. 

  489.         for ($n = 0; $n < count($items); $n++) {

  490.             if ($items[$n]['code1'] != "") {

  491.                 $items[$n]['code'] = $items[$n]["code1"];

  492.             } else if ($items[$n]['code1'] == "" && $items[$n]['code1'] != "") {

  493.                 $items[$n]['code'] = $items[$n]["code2"];

  494.             } else if (code == "") {

  495.                 $items[$n]['code'] = "---";

  496.             }

  497.         }

  498. 

  499.         $items = (count($items) > 0 ? $items : false);

  500.         exit(json_encode(["status" => "OK", "items" => $items]));

  501.     case "customersearch":

  502.         header("Content-Type: application/json");

  503.         if (!is_empty($VARS['q'])) {

  504.             $where["AND"]["OR"] = [

  505.                 "customerid" => $VARS['q'],

  506.                 "name[~]" => $VARS['q'],

  507.                 "email[~]" => $VARS['q'],

  508.                 "phone[~]" => $VARS['q']

  509.             ];

  510.         } else {

  511.             exit(json_encode(["status" => "ERROR", "customers" => false]));

  512.         }

  513. 

  514.         $where["LIMIT"] = 10;

  515. 

  516.         $customers = $database->select('customers', [

  517.             'customerid (id)',

  518.             'name',

  519.             'email',

  520.             'phone',

  521.             'address',

  522.             'notes'

  523.                 ], $where);

  524.         $customers = (count($customers) > 0 ? $customers : false);

  525.         exit(json_encode(["status" => "OK", "customers" => $customers]));

  526.     case "giftcard_lookup":

  527.         header("Content-Type: application/json");

  528.         $code = $VARS['code'];

  529.         if (empty($code)) {

  530.             exit(json_encode(["status" => "ERROR", "cards" => []]));

  531.         }

  532.         $cards = $database->select('certificates', ['certid (id)', 'certcode (code)', 'amount (balance)', 'start_amount (amount)'], ['certcode' => $code]);

  533.         exit(json_encode(["status" => "OK", "cards" => $cards]));

  534.         break;

  535.     case "editcustomer":

  536.         $insert = true;

  537.         if (is_empty($VARS['id'])) {

  538.             $insert = true;

  539.         } else {

  540.             if ($database->has('customers', ['customerid' => $VARS['id']])) {

  541.                 $insert = false;

  542.             } else {

  543.                 returnToSender("invalid_customerid");

  544.             }

  545.         }

  546.         if (is_empty($VARS['name'])) {

  547.             returnToSender('invalid_parameters');

  548.         }

  549. 

  550.         $data = [

  551.             'name' => $VARS['name'],

  552.             'email' => $VARS['email'],

  553.             'phone' => $VARS['phone'],

  554.             'address' => $VARS['address'],

  555.             'notes' => $VARS['notes']

  556.         ];

  557. 

  558.         $customerid = null;

  559.         if ($insert) {

  560.             $database->insert('customers', $data);

  561.             $customerid = $database->id();

  562.         } else {

  563.             $database->update('customers', $data, ['customerid' => $VARS['id']]);

  564.             $customerid = $VARS['id'];

  565.         }

  566. 

  567.         if (!is_null($customerid)) {

  568.             $custprices = $VARS['pricing'];

  569.             $newcustprices = [];

  570.             $oldcustprices = $database->select('customer_pricing', ['itemid (item)', 'price'], ['customerid' => $customerid]);

  571.             foreach ($custprices as $cp) {

  572.                 if (!$binstack->has('items', ['itemid' => $cp['item']])) {

  573.                     continue;

  574.                 }

  575.                 if (!is_numeric($cp['price'])) {

  576.                     continue;

  577.                 }

  578.                 $newcustprices[] = $cp;

  579.                 $oldcustprices = array_filter($oldcustprices, function ($var) {

  580.                     if ($cp['item'] == $var['item']) {

  581.                         return false;

  582.                     }

  583.                     return true;

  584.                 });

  585.             }

  586. 

  587.             foreach ($oldcustprices as $cp) {

  588.                 $database->delete('customer_pricing', ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]]);

  589.             }

  590.             foreach ($newcustprices as $cp) {

  591.                 if ($database->has('customer_pricing', ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]])) {

  592.                     $database->update('customer_pricing', ['price' => $cp['price']], ['AND' => ['itemid' => $cp['item'], 'customerid' => $customerid]]);

  593.                 } else {

  594.                     $database->insert('customer_pricing', ['price' => $cp['price'], 'itemid' => $cp['item'], 'customerid' => $customerid]);

  595.                 }

  596.             }

  597.         }

  598. 

  599.         returnToSender("customer_saved");

  600.     case "set_register":

  601.         $regid = $VARS['register'];

  602.         if (!$database->has('registers', ['registerid' => $regid])) {

  603.             returnToSender("invalid_parameters");

  604.         }

  605.         if (!$database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {

  606.             returnToSender("cash_not_open");

  607.         }

  608.         $cashid = $database->get('cash_drawer', 'cashid', ['AND' => ['registerid' => $regid, 'close' => null]]);

  609.         $_SESSION['register'] = (int) $regid;

  610.         returnToSender("register_set");

  611.         break;

  612.     case "opencash":

  613.         $regid = $VARS['register'];

  614.         $start = $VARS['startamount'];

  615.         if (!$database->has('registers', ['registerid' => $regid])) {

  616.             returnToSender("invalid_parameters");

  617.         }

  618.         if ($database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {

  619.             returnToSender("cash_already_open");

  620.         }

  621.         if (!is_numeric($start) || (float) $start < 0) {

  622.             $start = 0.0;

  623.         }

  624.         $database->insert('cash_drawer', [

  625.             'registerid' => $regid,

  626.             'open' => date('Y-m-d H:i:s'),

  627.             'close' => null,

  628.             'start_amount' => $start,

  629.             'end_amount' => null

  630.         ]);

  631.         returnToSender("cash_opened");

  632.         break;

  633.     case "closecash":

  634.         $regid = $VARS['register'];

  635.         if (!$database->has('registers', ['registerid' => $regid])) {

  636.             returnToSender("invalid_parameters");

  637.         }

  638.         if (!$database->has('cash_drawer', ['AND' => ['registerid' => $regid, 'close' => null]])) {

  639.             returnToSender("cash_not_open");

  640.         }

  641. 

  642.         $cash = $database->get('cash_drawer', ['cashid', 'start_amount'], ['AND' => ['registerid' => $regid, 'close' => null]]);

  643. 

  644.         $balance = (float) $cash['start_amount'];

  645.         $rows = $database->select("payments", [

  646.             "[>]transactions" => ['txid' => 'txid']

  647.                 ], 'amount', [

  648.             'AND' => [

  649.                 'transactions.cashid' => $cash['cashid'],

  650.                 'payments.type' => 1

  651.             ]

  652.         ]);

  653.         foreach ($rows as $row) {

  654.             $balance += $row;

  655.         }

  656. 

  657.         $database->update('cash_drawer', [

  658.             'close' => date('Y-m-d H:i:s'),

  659.             'end_amount' => $balance

  660.                 ], [

  661.             'cashid' => $cash['cashid']

  662.         ]);

  663. 

  664.         returnToSender("cash_closed");

  665.         break;

  666.     case "editregister":

  667.         $insert = true;

  668.         if (empty($VARS['id'])) {

  669.             $insert = true;

  670.         } else {

  671.             if ($database->has('registers', ['registerid' => $VARS['id']])) {

  672.                 $insert = false;

  673.             } else {

  674.                 returnToSender("invalid_parameters");

  675.             }

  676.         }

  677.         if (is_empty($VARS['name'])) {

  678.             returnToSender('invalid_parameters');

  679.         }

  680. 

  681.         if ($database->has('registers', ['AND' => ['registerid[!]' => $VARS['id'], 'registername' => $VARS['name']]])) {

  682.             returnToSender("register_name_taken");

  683.         }

  684. 

  685.         $data = [

  686.             'registername' => $VARS['name']

  687.         ];

  688. 

  689.         if ($insert) {

  690.             $database->insert('registers', $data);

  691.         } else {

  692.             $database->update('registers', $data, ['registerid' => $VARS['id']]);

  693.         }

  694. 

  695.         returnToSender("register_saved");

  696.     case "xreport":

  697.         require_once __DIR__ . "/lib/generatereceipt.php";

  698.         $format = "html";

  699.         $width = 64;

  700.         if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {

  701.             $width = (int) $VARS['width'];

  702.         }

  703.         if (isset($VARS['format'])) {

  704.             $format = $VARS['format'];

  705.         }

  706.         if (!$database->has('cash_drawer', ['AND' => ['registerid' => $VARS['register'], 'open[!]' => null, 'close' => null]])) {

  707.             header("Content-Type: application/json");

  708.             exit(json_encode(["status" => "ERROR"]));

  709.         }

  710. 

  711.         $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_X, $VARS['register']);

  712. 

  713.         exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "X Report"));

  714.         break;

  715.     case "zreport":

  716.         require_once __DIR__ . "/lib/generatereceipt.php";

  717.         $format = "html";

  718.         $width = 64;

  719.         if (isset($VARS['width']) && preg_match("/[0-9]+/", $VARS['width']) && (int) $VARS['width'] > 0) {

  720.             $width = (int) $VARS['width'];

  721.         }

  722.         if (isset($VARS['format'])) {

  723.             $format = $VARS['format'];

  724.         }

  725.         if (!$database->has('cash_drawer', ['AND' => ['open[!]' => null, 'close[!]' => null, 'cashid' => $VARS['cash']]])) {

  726.             header("Content-Type: application/json");

  727.             exit(json_encode(["status" => "ERROR"]));

  728.         }

  729. 

  730.         $receipt = GenerateReceipt::getReceipt(GenerateReceipt::RECEIPT_TYPE_Z, $VARS['cash']);

  731. 

  732.         exit(GenerateReceipt::outputReceipt($receipt, $format, $width, "Z Report"));

  733.         break;

  734.     case "editcertificate":

  735.         $insert = true;

  736.         $code = $VARS['code'];

  737.         $amount = $VARS['balance'];

  738.         if (empty($VARS['id'])) {

  739.             $insert = true;

  740.         } else {

  741.             if ($database->has('certificates', ['certid' => $VARS['id']])) {

  742.                 $insert = false;

  743.             } else {

  744.                 returnToSender("invalid_parameters");

  745.             }

  746.         }

  747. 

  748.         if ($insert && (is_empty($code) || $database->has('certificates', ['certcode' => $code]))) {

  749.             do {

  750.                 $code = random_int(100000000000, 999999999999);

  751.             } while ($database->has('certificates', ['certcode' => $code]));

  752.         }

  753. 

  754.         if (!is_numeric($amount)) {

  755.             returnToSender("invalid_parameters");

  756.         }

  757. 

  758.         if ($insert) {

  759.             $database->insert('certificates', [

  760.                 'certcode' => $code,

  761.                 'amount' => $amount,

  762.                 'start_amount' => $amount,

  763.                 'issued' => date('Y-m-d H:i:s'),

  764.                 'deleted' => 0]);

  765.             returnToSender("card_x_added", $code);

  766.         } else {

  767.             $database->update('certificates', [

  768.                 'certcode' => $code,

  769.                 'amount' => $amount

  770.                     ], [

  771.                 'certid' => $VARS['id']

  772.             ]);

  773.             returnToSender("card_x_saved", $code);

  774.         }

  775.         break;

  776.     case "session_keepalive":

  777.         header("Content-Type: application/json");

  778.         exit(json_encode(["status" => "OK"]));

  779.     case "signout":

  780.         session_destroy();

  781.         header('Location: index.php');

  782.         die("Logged out.");

  783. }