//Template directory
$template="./template/";
+//Renderer options
+// uncomment the ones you want to use
+$twigoptions = array(
+ //cache should be either set to false (no cache) or an explicit writeable path
+ //if not present Twig will use a subdirectory under /tmp, which is not particularly secure
+ //'cache' => '/path/to/compilation_cache',
+ 'cache' => false,
+ //character set the templates are written in, default is utf-8
+ //'charset' => 'utf-8',
+ //automatically reload/compile templates when they change
+ //'auto_reload' => false,
+);
+//Renderer extensions
+$twigextensions = array(
+ //'Escaper', //provides the escape filter and autoescaping
+ //'Sandbox', //allows to execute templates in a sandbox
+ //'I18n', //provides the trans filter
+);
+//there is currently no configuration available for these extensions - this may make them pretty useless
///////////
//Chose a DB engine
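Review bot: The new `$twigextensions` array ships with `'Escaper'` commented out, so, assuming the renderer loads only the extensions named here and the bundled Twig version does not autoescape on its own, templates will print variables unescaped unless each one applies the escape filter by hand. The customer classes removed elsewhere in this commit fed name, address and contact fields to the renderer, so unescaped output is a stored cross-site-scripting risk by default; I would enable the line in the shipped config: `'Escaper', //provides the escape filter and autoescaping`. The cache comment is useful, and could add that an explicit cache path should sit outside the web root and be writable only by the web-server user, because compiled templates are PHP code that gets executed.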
// Copyright: See README/COPYING files that come with this distribution
//
//
-include_once('./inc/classes/event.php');
-include_once('./inc/classes/room.php');
-include_once("./inc/classes/random.php");
-include_once("./inc/classes/order.php");
-include_once("./inc/classes/ticket.php");
-include_once("./inc/classes/voucher.php");
-include_once("./inc/classes/cart.php");
-include_once('./inc/classes/error.php');
-include_once('./inc/classes/language_manager.php');
-include_once('./inc/classes/parser.php');
-include_once('./inc/classes/config_manager.php');
-include_once('./inc/classes/customer.php');
-include_once('./inc/classes/websession.php');
+wob_autoclass('LanguageManager','./inc/classes/language_manager.php');
+wob_autoclass('ConfigManager','./inc/classes/config_manager.php');
+wob_autoclass('Websession','./inc/classes/websession.php');
+// wob_autoclass('ErrorManager','./inc/classes/error.php');
?>
\ No newline at end of file
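Review bot: The thirteen unconditional `include_once` lines are replaced by three `wob_autoclass` registrations, which can load classes only, not free functions or `define()` constants, if `wob_autoclass` is a class autoloader as its arguments suggest. `random.php` is among the dropped includes, and the deleted cart.php called `getRandom()` as a plain function; if `Websession` or other retained code still relies on it to generate session identifiers, that call now fails at runtime. The `ErrorManager` registration is also left commented out while the `error.php` include is removed, so any remaining reference to that class becomes a fatal error on first use. I would either keep explicit includes for function-only files or record the intent next to the registrations, e.g. `// random.php, error.php: intentionally no longer loaded here`.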
+++ /dev/null
-<?
-//
-// PHP Implementation: cart
-//
-// Description: Shopping Cart for Web-Interface
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**this class represents a bunch of tickets in the shopping cart, it is created by Cart*/
-class CartTicket
-{
- private $cartid;
- private $eventid;
- private $amount;
-
- /**used by Cart to create the tickets, never use this directly*/
- public function __construct($cid,$eid,$amt)
- {
- $this->cartid=$cid;
- $this->eventid=$eid;
- $this->amount=$amt;
- }
-
- /**use this to increase or decrease the amount of tickets; if the amount is decreased to zero, the row in the DB is deleted and the ticket can only be re-added with Cart::addTicket */
- public function changeAmount($amt)
- {
- global $db;
- if($amt<=0){
- $db->deleteRows("cart_ticket","cartid=".$db->escapeString($this->cartid)." and eventid=".$this->eventid);
- $this->amount=0;
- }else{
- $db->update("cart_ticket",array("amount"=>($amt+0)),"cartid=".$db->escapeInt($this->cartid)." AND eventid=".$db->escapeInt($this->eventid));
- $this->amount=$amt;
- }
- }
-
- /**use this to get the actual event*/
- public function eventObject()
- {
- return new Event($this->eventid);
- }
-
- /**return the eventID*/
- public function getEventId()
- {
- return $this->eventid;
- }
-
- /**return the current amount*/
- public function getAmount()
- {
- return $this->amount;
- }
-};
-
-/**this error is returned if there are no items in a cart and the user wants to order it*/
-define("CE_NOITEMS",1);
-/**this error is returned if the user tries to buy a ticket for a cancelled event*/
-define("CE_EVENTCANCELLED",10);
-/**this error is returned if the event does not have that many tickets left*/
-define("CE_EVENTNOTICKETS",11);
-/**this error is returned if the user wants to buy tickets for an unknown event (internal error?)*/
-define("CE_EVENTUNKNOWN",12);
-/**this error is returned if the event is already over or tickets cannot be purchased anymore*/
-define("CE_EVENTOVER",13);
-/**this error is returned if an invalid voucher value is ordered*/
-define("CE_INVALIDVOUCHER",20);
-
-/**instantiated by Cart::orderCheck to report errors*/
-class CartError
-{
- private $etype;
- private $eventid;
-
- /**instantiates an error object of the given type and optionally for the given event*/
- public function __construct($errtype,$eid=false)
- {
- $this->etype=$errtype;
- $this->eventid=$eid;
- }
-
- /**returns the error type (see CE_* constants)*/
- public function errorType()
- {
- return $this->etype;
- }
-
- /**returns the event id associated with this error (false if none)*/
- public function eventId()
- {
- return $this->eventid;
- }
-
- /**returns the Event object associated with this error (false if none)*/
- public function eventObject()
- {
- if($this->eventid===false)return false;
- return new Event($this->eventid);
- }
-
- /**returns a nice printable string*/
- public function toString()
- {
- $ret=i18n("Error: ");
- switch($this->etype){
- case CE_NOITEMS:$ret.=i18n("No items in cart.");break;
- case CE_EVENTCANCELLED:$ret.=i18n("Event has been cancelled.");break;
- case CE_EVENTNOTICKETS:$ret.=i18n("No more tickets available.");break;
- case CE_EVENTUNKNOWN:$ret.=i18n("Unknown Event.");break;
- case CE_EVENTOVER:$ret.=i18n("Cannot order tickets from past.");break;
- case CE_INVALIDVOUCHER:$ret=i18n("Voucher is invalid.");break;
- }
- return $ret;
- }
-};
-
-/**this class represents a shopping cart*/
-class Cart
-{
- private $cartid=false;
-
- /**reloads a cart from the database, if $id is false a new one is created, use isValid() to check whether the cart really exists in the DB (it may have expired)*/
- public function __construct($id=false)
- {
- global $db;
- global $CartTimeout;
-
- //prune cart table
- $db->deleteRows("cart", "timeout < ".time());
-
- if($id===false){
- $db->beginTransaction();
- while(1){
- //generate ID
- $id=getRandom(128);
- //check it does not exist
- $res=$db->select("cart","cartid","cartid=".$db->escapeString($id));
- if(count($res)==0){
- $this->cartid=$id;
- break;
- }
- }
- //create entry
-
- $timeout = time()+$CartTimeout ;
-// print $timeout;
- $db->insert("cart",array("cartid"=>$id,"timeout"=>$timeout));
- $db->commitTransaction();
- }else{
- //check that cart exists
- $res=$db->select("cart","cartid","cartid=".$db->escapeString($id));
- if(count($res)>0)$this->cartid=$id;
- }
- }
-
- /**returns true if this is a valid shopping cart, if it returns false, try to create a new one*/
- public function isValid()
- {
- return $this->cartid!==false;
- }
-
- /**returns the ID of this cart, returns false if the cart is not valid*/
- public function getCartId()
- {
- return $this->cartid;
- }
-
- /**use this to get all existing tickets in this cart, then manipulate the tickets directly*/
- public function getTickets()
- {
- global $db;
- if($this->cartid===false)return array();
- $res=$db->select("cart_ticket","*","cartid=".$db->escapeString($this->cartid));
- $ret=array();
- reset($res);
- if(count($res)>0)
- foreach($res as $k => $tc)
- $ret[]=new CartTicket($tc["cartid"],$tc["eventid"],$tc["amount"]);
- return $ret;
- }
-
- /**use this to get tickets by eventid; returns false if it does not exist*/
- public function getTicketsByEvent($eventid)
- {
- global $db;
- $where="cartid=".$db->escapeString($this->cartid)." AND eventid=".$db->escapeInt($eventid);
- $res=$db->select("cart_ticket","*",$where);
- if(count($res) > 0)
- return new CartTicket($res[0]["cartid"],$res[0]["eventid"],$res[0]["amount"]);
- else
- return false;
- }
-
- /**use this to add tickets, returns new CartTicket object or false if the event does not exist or is cancelled*/
- public function addTickets($eventid,$amount)
- {
- global $db;
- //sanity check
- if($amount<=0)return false;
- $this->renewCart();
- //check that ticket can be sold
- $event=new Event($eventid);
- if($event->isCancelled())return false;
- //begin transaction, get current data
- $db->beginTransaction();
- $where="cartid=".$db->escapeString($this->cartid)." AND eventid=".$db->escapeInt($eventid);
- $res=$db->select("cart_ticket","*",$where);
- if(count($res)>0){
- $amount+=$res[0]["amount"];
- $ret=$db->update("cart_ticket",array("amount"=>$amount),$where);
- }else{
- //insert into cart
- $ret=$db->insert("cart_ticket",array("cartid"=>$this->cartid,"eventid"=>$eventid,"amount"=>$amount));
- }
- if($ret===false){
- $db->rollbackTransaction();
- return false;
- }
- $db->commitTransaction();
- return new CartTicket($this->cartid,$eventid,$amount);
- }
-
- /**checks that the whole content of the cart can be ordered; returns an empty array on success or an array of CartError objects on failure*/
- public function orderCheck()
- {
- global $db;
- //NOTE: only covers online order
- $ret=array();
- //go through events
- global $db;
- $itemcnt=0;
- $res=$db->select("cart_ticket","*","cartid=".$db->escapeString($this->cartid));
- $orderstop=($db->getConfig("OrderStop")+0)*3600;
- if(count($res)>0)
- foreach($res as $k=>$tc){
- $evt=new Event($tc["eventid"]);
- //check that tickets can be sold
- if(!$evt->exists())
- $ret[]=new CartError(CE_EVENTUNKNOWN,$tc["eventid"]);
- else
- if($evt->availableTicketAmount()<$tc["amount"])
- $ret[]=new CartError(CE_EVENTNOTICKETS,$tc["eventid"]);
- else
- if(($evt->getStartTime()-$orderstop)<=time())
- $ret[]=new CartError(CE_EVENTOVER,$tc["eventid"]);
- else
- if($evt->isCancelled())
- $ret[]=new CartError(CE_EVENTCANCELLED,$tc["eventid"]);
- else
- $itemcnt++;
- }
- //check voucher values
- $validvouchers=explode(" ",$db->getConfig("ValidVouchers"));
- $res=$db->select("cart_voucher", "cvid,value", "cartid=".$db->escapeString($this->cartid));
- foreach($res as $k=>$vc){
- if(in_array("".$vc["value"],$validvouchers))
- $itemcnt++;
- else
- $ret[]=new CartError(CE_INVALIDVOUCHER);
- }
- //check that we have something to order
- if($itemcnt<=0)
- $ret[]=new CartError(CE_NOITEMS);
- //return...
- return $ret;
- }
-
- /**makes sure the cart continues to exist*/
- public function renewCart()
- {
- global $db,$CartTimeout;
- if ($this->isValid()) {
- $db->update("cart", array("timeout"=>(time()+$CartTimeout)), "cartid=".$db->escapeInt($this->cartid));
- }
- }
-
- /**deletes a cart and all its tickets */
- public function destroyCart()
- {
- global $db;
- if ($this->isValid()) {
- $db->beginTransaction();
- $db->deleteRows("cart_ticket", "cartid=".$db->escapeInt($this->cartid));
- $db->deleteRows("cart", "cartid=".$db->escapeInt($this->cartid));
- $db->commitTransaction();
- }
- }
-
- /**adds the shipping address to the cart*/
- public function addShippingAddress($address)
- {
- global $db;
- if ($this->isValid()) {
- $db->update("cart", array("shippingaddress"=>$address), "cartid=".$db->escapeString($this->cartid));
- }
- }
-
- /**adds the customer comments to the cart*/
- public function addOrderComments($comment)
- {
- global $db;
- if ($this->isValid()) {
- $db->update("cart", array("ordercomments"=>$comment), "cartid=".$db->escapeString($this->cartid));
- }
- }
-
- /**returns the shipping address for the cart*/
- public function getShippingAddress()
- {
- global $db;
- if ($this->isValid()) {
- $res = $db->select("cart", "shippingaddress", "cartid=".$db->escapeString($this->cartid));
- if (count($res) > 0)
- return $res[0]["shippingaddress"];
- else
- return false;
- }
- }
-
- /**returns the customer comments for the cart*/
- public function getOrderComments()
- {
- global $db;
- if ($this->isValid()) {
- $res = $db->select("cart", "ordercomments", "cartid=".$db->escapeString($this->cartid));
- if (count($res) > 0)
- return $res[0]["ordercomments"];
- else
- return false;
- }
- }
-};
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-/*(c) Konrad Rosenbaum, 2007; see COPYING for details*/
-
-/* TRANSLATOR php:: */
-
-/**this class can be used to access a customers data*/
-class Customer
-{
- private $id;
- private $email;
- private $name;
- private $address;
- private $contact;
-
- /**construct an empty customer; if $id is given it tries to pre-load from the database*/
- public function __construct($id=false)
- {
- global $db;
-
- $this->id=false;
- if($id!==false){
- $this->getByID($id);
- }
- }
-
- /**tries to get the customer by its ID, returns false if it fails*/
- public function getByID($id)
- {
- global $db;
- $res=$db->select("customer","customerid","customerid=".$db->escapeInt($id));
- if(count($res)>0){
- $this->id=$id+0;
- return true;
- }else
- return false;
- }
-
- /**tries to get the customer by its email address, returns false if it fails*/
- public function getByMail($mail)
- {
- global $db;
- $res=$db->select("webuser","customerid","email=".$db->escapeString($mail));
- if(count($res)>0){
- $this->id=$res[0]["customerid"];
- return true;
- }else
- return false;
- }
-
- /** returns the ID of the customer */
- public function getID()
- {
- if($this->id===false)
- return "";
- else
- return $this->id;
- }
-
- /**returns whether the customer has a valid id*/
- public function isValid()
- {
- if($this->id===false)return false;
- if($this->id<0)return false;
- return true;
- }
-
- /** returns the name of the customer */
- public function getName()
- {
- global $db;
- if($this->id===false)
- return "";
- else {
- $res = $db->select("customer", "name", "customerid=".$db->escapeInt($this->id));
- if (count($res) > 0)
- return $res[0]["name"];
- else
- return "";
- }
- }
-
- /** returns the email address of the customer */
- public function getEmail()
- {
- global $db;
- if($this->id===false)
- return "";
- else {
- $res = $db->select("webuser", "email", "customerid=".$db->escapeInt($this->id));
- if (count($res) > 0)
- return $res[0]["email"];
- else
- return "";
- }
-
- }
-
- /** returns the address of the customer */
- public function getAddress()
- {
- global $db;
- if($this->id===false)
- return "";
- else {
- $res = $db->select("customer", "address", "customerid=".$db->escapeInt($this->id));
- if (count($res) > 0)
- return $res[0]["address"];
- else
- return "";
- }
-
- }
-
- /** returns the contact data of the customer */
- public function getContact()
- {
- global $db;
- if($this->id===false)
- return "";
- else {
- $res = $db->select("customer", "contact", "customerid=".$db->escapeInt($this->id));
- if (count($res) > 0)
- return $res[0]["contact"];
- else
- return "";
- }
-
- }
-
- /**returns the data in an array suitable for the web-page-renderer*/
- public function getParserData()
- {
- return array("CUST_NAME"=>$this->getName(), "CUST_EMAIL"=>$this->getEmail(), "CUST_ADDRESS"=>$this->getAddress(), "CUST_CONTACT"=>$this->getContact());
- }
-
- /**checks whether the customer exists in the database; getByID or getByMail must have been called first*/
- public function exists()
- {
- return $this->id !== false;
- }
-
- /**creates the customer in the database; getByID or getByMail must not have been called yet;
- returns the new ID on success or false on failure*/
- public function create($name)
- {
- if($this->id!==false)return;
- global $db;
- $this->id=$db->insert("customer",array("name"=>$name));
- return $this->id;
- }
-
- /**sets the email of this customer*/
- public function setMail($mail)
- {
- if($this->id===false)return;
- global $db;
- $db->beginTransaction();
- $res=$db->select("webuser","customerid","customerid=".$db->escapeInt($this->id));
- if(count($res)==1)
- $db->update("webuser",array("email"=>$mail),"customerid=".$db->escapeInt($this->id));
- else
- $db->insert("webuser",array("email"=>$mail,"customerid"=>$this->id));
- $db->commitTransaction();
- }
-
- /**sets the password of this customer*/
- public function setPassword($pwd)
- {
- if($this->id===false)return;
- global $db;
- $pass=calcPasswd($pwd,getSalt());
- $db->beginTransaction();
- $res=$db->select("webuser","customerid","customerid=".$db->escapeInt($this->id));
- if(count($res)==1)
- $db->update("webuser",array("passwd"=>$pass),"customerid=".$db->escapeInt($this->id));
- else
- $db->insert("webuser",array("passwd"=>$pass,"customerid"=>$this->id));
- $db->commitTransaction();
- }
-
- /**sets the address of this customer*/
- public function setAddress($address)
- {
- if($this->id===false)
- return;
- global $db;
- $db->update("customer", array("address"=>$address), "customerid=".$db->escapeInt($this->id));
- }
-
- /**sets the contact data of this customer*/
- public function setContact($contact)
- {
- if($this->id===false)
- return;
- global $db;
- $db->update("customer", array("contact"=>$phone), "customerid=".$db->escapeInt($this->id));
- }
-
- /**checks whether $password matches the stored password for this customer; returns true on success*/
- public function authenticate($passwd)
- {
- if($this->id===false)return false;
- //get record
- global $db;
- $res=$db->select("webuser","passwd","customerid=".$db->escapeInt($this->id));
- //found anything?
- if(count($res)<0)return false;
- //is it a password
- if(!is_string($res[0]["passwd"]) || strlen($res[0]["passwd"])<10)return false;
- //check
- $pwd=explode(":",$res[0]["passwd"]);
- $pwd2=calcPasswd($passwd,$pwd[0]);
- return $pwd2 == $res[0]["passwd"];
- }
-};
-
-/**machine interface: get the list of all existing customers*/
-function getCustomerListXml()
-{
- global $db;
- //return customers
- $res=$db->select("customer","customerid,name","");
- $xml=new DOMDocument;
- $root=$xml->createElement("CustomerList");
- if(count($res)>0)
- foreach($res as $k => $rm){
- $cs=$xml->createElement("Customer");
- $cs->setAttribute("id",$rm["customerid"]);
- $cs->setAttribute("name",$rm["name"]);
- $root->appendChild($cs);
- }
- $xml->appendChild($root);
- header("X-MagicSmoke-Status: Ok");
- print($xml->saveXML());
-}
-
-/**machine interface: get a specific customer*/
-function getCustomerXml($cid)
-{
- global $db;
- //return customers
- $res=$db->select("customer","*","customerid=".$db->escapeInt($cid));
- if(count($res)>0){
- $xml=new DOMDocument;
- $cs=$xml->createElement("Customer");
- $cs->setAttribute("id",$res[0]["customerid"]);
- $cs->setAttribute("name",$res[0]["name"]);
- $cs->appendChild($xml->createElement("Address",xq($res[0]["address"])));
- $cs->appendChild($xml->createElement("Contact",xq($res[0]["contact"])));
- $cs->appendChild($xml->createElement("Comment",xq($res[0]["comments"])));
- $res=$db->select("webuser","email","customerid=".$db->escapeInt($cid));
- if(count($res)>0)
- $cs->setAttribute("mail",$res[0]["email"]);
- $xml->appendChild($cs);
- header("X-MagicSmoke-Status: Ok");
- print($xml->saveXML());
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Unknown Customer"));
- }
-}
-
-/**machine interface: set a customer*/
-function setCustomerXml($xmldata)
-{
- //TODO:do more extensive syntax checking and better error reporting
- //get XML
- $xml=new DOMDocument;
- if($xml->loadXML($xmldata)===false){
- header("X-MagicSmoke-Status: SyntaxError");
- die(tr("Unable to parse XML."));
- }
- //stage 2: extract data from XML
- $doc=$xml->documentElement;
- global $db;
- //get data
- if($doc->hasAttribute("id"))
- $id=$doc->getAttribute("id")+0;
- else $id=-1;
- $dt["name"]=$doc->getAttribute("name");
- $dt["address"]="";
- $dt["contact"]="";
- $dt["comments"]="";
- foreach($doc->getElementsByTagName("Address") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $dt["address"]=trim($cn->wholeText);
- foreach($doc->getElementsByTagName("Contact") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $dt["contact"]=trim($cn->wholeText);
- foreach($doc->getElementsByTagName("Comment") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $dt["comments"]=trim($cn->wholeText);
-
- if($id>=0){
- $db->update("customer",$dt,"customerid=".$db->escapeInt($id));
- header("X-MagicSmoke-Status: Ok");
- print($id);
- }else{
- $id=$db->insert("customer",$dt);
- header("X-MagicSmoke-Status: Ok");
- print($id);
- }
-}
-
-/**machine interface: delete or merge customers*/
-function deleteCustomerXml($txt)
-{
- global $db;
- //find customer and mergee ID
- $lst=explode(" ",trim($txt));
- if($lst===false || count($lst)<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Cannot find customer ID to delete.");
- return;
- }
- $cust=$lst[0]+0;
- if(!is_numeric($lst[0]) || $cust < 0){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid Customer ID, cannot delete.");
- return;
- }
- $mrg=false;
- if(count($lst)>1){
- $mrg=$lst[1]+0;
- if(!is_numeric($lst[1]) || $mrg < 0){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid Customer ID, cannot merge.");
- return;
- }
- }
- //start transaction
- $db->beginTransaction();
- //find both IDs
- $res=$db->select("customer","customerid","customerid=".$db->escapeInt($cust));
- if($res===false || count($res)<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Cannot find Customer ID, cannot delete.");
- $db->rollbackTransaction();
- return;
- }
- if($mrg!==false){
- $res=$db->select("customer","customerid","customerid=".$db->escapeInt($mrg));
- if($res===false || count($res)<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Cannot find Customer ID, cannot delete.");
- $db->rollbackTransaction();
- return;
- }
- }
- //cancel all sessions of deletee
- $db->deleteRows("websession","customerid=".$db->escapeInt($cust));
- //if merge:
- if($mrg!==false){
- //rewrite DB objects (orders)
- $b=$db->update("order",array("customerid"=>$mrg),"customerid=".$db->escapeInt($cust))!==false;
- //merge web-account; delete if another exists, otherwise move it
- $res=$db->select("webuser","customerid","customerid=".$db->escapeInt($mrg));
- if($res===false || count($res)<1){
- $b&=$db->update("webuser",array("customerid"=>$mrg),"customerid=".$db->escapeInt($cust))!==false;
- }else{
- $db->deleteRows("webuser","customerid=".$db->escapeInt($cust));
- }
- //check success
- if(!$b){
- header("X-MagicSmoke-Status: Error");
- echo tr("Cannot merge customers.");
- $db->rollbackTransaction();
- return;
- }
- }
- //attempt deletion
- $b=$db->deleteRows("webuser","customerid=".$db->escapeInt($cust))!==false;
- $b&=$db->deleteRows("customer","customerid=".$db->escapeInt($cust))!==false;
- if(!$b){
- header("X-MagicSmoke-Status: Error");
- echo tr("Cannot delete customer.");
- $db->rollbackTransaction();
- return;
- }
- //success!
- $db->commitTransaction();
- header("X-MagicSmoke-Status: Ok");
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: event
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/* TRANSLATOR php:: */
-
-/**Get an overview of all events:
-returns an array of array("eventid"=>int, "title"=>string,"starttime"=>int)*/
-function getAllEvents()
-{
- global $db;
- return $db->select("event","eventid,title,starttime,capacity","","ORDER BY starttime");
-}
-
-/**Get an overview of events: returns an array of array("eventid"=>int); used by createEventList; returns only events in the future and ordered*/
-function getAllEventsForListing()
-{
- global $db;
- return $db->select("event","eventid","starttime>=".time()." ORDER BY starttime");
-}
-
-
-/**Wrapper around event table*/
-class Event
-{
- private $evid;
- private $title;
- private $artist;
- private $description;
- private $starttime;
- private $endtime;
- private $roomid;
- private $capacity;
- private $defaultprice;
- private $cancelreason;
-
- /**creates an event object, the id must be a valid eventid gotten from getAllEvents or -1 if you
- want to create a new event*/
- public function __construct($id)
- {
- global $db;
- //check that event exists
- $id=$id+0;
- if($id<0)$id=-1;
- else{
- $res=$db->select("event","*","eventid=$id");
- if(count($res)!=1)$id=-1;
- else{
- $this->title=$res[0]["title"];
- $this->artist=$res[0]["artist"];
- $this->description=$res[0]["description"];
- $this->starttime=$res[0]["starttime"];
- $this->endtime=$res[0]["endtime"];
- $this->roomid=$res[0]["roomid"];
- $this->capacity=$res[0]["capacity"];
- $this->defaultprice=$res[0]["defaultprice"];
- $this->cancelreason=$res[0]["cancelreason"];
- }
- }
- //remember it
- $this->evid=$id;
- }
-
- /**returns whether this event already exists in the database*/
- public function exists()
- {
- return $this->evid >= 0;
- }
-
- /**returns the ID of the event*/
- public function getEventId(){return $this->evid;}
- /**returns the start time of the event*/
- public function getStartTime(){return $this->starttime;}
- /**returns the end time of the event*/
- public function getEndTime(){return $this->endtime;}
- /**returns the ticket capacity of the event*/
- public function getCapacity(){return $this->capacity;}
- /**returns the default price in cent of the event*/
- public function getDefaultPrice(){return $this->defaultprice;}
- /**returns whether the event is cancelled*/
- public function isCancelled()
- {
- if($this->cancelreason===false)return false;
- else return $this->cancelreason!="";
- }
- /**returns the title of the event*/
- public function getTitle(){return $this->title;}
- /**returns the artist of the event*/
- public function getArtist(){return $this->artist;}
- /**returns the room/place of the event*/
- public function getRoomId(){return $this->roomid;}
- /**returns the description of the event*/
- public function getDescription(){return $this->description;}
- /**returns the reason why the event is cancelled if isCancelled() returns true*/
- public function getCancelReason(){return $this->cancelreason;}
-
- /**returns the data in an array suitable for the web-page-renderer*/
- public function getParserData()
- {
- $lang = LanguageManager::singleton();
-
- return array(
- "DATE"=>$lang->getDate($this->getStartTime()),
- "TIME"=>$lang->getTime($this->getStartTime()),
- "PLACE"=>$this->getRoomId(),
- "EVENTNAME"=>$this->getTitle(),
- "ARTIST"=>$this->getArtist(),
- "PRICE"=>$lang->getPrice($this->getDefaultPrice()),
- "ID"=>$this->getEventId(),
- "DESCRIPTION"=>$this->getDescription(),
- "AVAILABLETICKETS"=>$this->availableTicketAmount()
- );
- }
-
- /**returns how many tickets can still be sold*/
- public function availableTicketAmount()
- {
- global $db;
- //is it valid?
- if($this->evid<0)return 0;
- //is it cancelled?
- if($this->isCancelled())return 0;
- //is it already over?
- if(time()>$this->endtime)return 0;
- //get existing tickets
- $res=$db->select("ticket","status","eventid=".$db->escapeInt($this->evid));
- $amt=0;
- if(count($res)>0)
- foreach($res as $tk){
- if(($tk["status"] & TICKET_MBLOCK)!=0)$amt++;
- }
- return $this->capacity - $amt;
- }
-};
-
-/**machine-function: get the requested events as XML data*/
-function getEventsXml($evts)
-{
- header("X-MagicSmoke-Status: Ok");
- $xml=new DOMDocument;
- $root=$xml->createElement("EventData");
- if(count($evts)>0)
- foreach($evts as $k => $eid){
- $ev=new Event($eid);
- if(!$ev->exists())continue;
- $nod=$xml->createElement("Event");
- $nod->setAttribute("id",$eid);
- $nod->setAttribute("start",$ev->getStartTime());
- $nod->setAttribute("end",$ev->getEndTime());
- $nod->setAttribute("capacity",$ev->getCapacity());
- $nod->setAttribute("defaultprice",$ev->getDefaultPrice());
- $nod->setAttribute("cancelled",$ev->isCancelled()?"true":"false");
- $nod->appendChild($xml->createElement("Title",xq($ev->getTitle())));
- $nod->appendChild($xml->createElement("Artist",xq($ev->getArtist())));
- $nod->appendChild($xml->createElement("Room",$ev->getRoomId()));
- $nod->appendChild($xml->createElement("Description",xq($ev->getDescription())));
- if($ev->isCancelled())
- $nod->appendChild($xml->createElement("CancelReason",xq($ev->getCancelReason())));
- $root->appendChild($nod);
- }
- $xml->appendChild($root);
- print($xml->saveXml());
-}
-
-/**Machine-Interface: set an event (it's not possible to set from Web-Browser)*/
-function setEventXml($xmldata)
-{
- global $db;
- //stage 1: parse XML
- $xml=new DOMDocument;
- if($xml->loadXML($xmldata)===false){
- header("X-MagicSmoke-Status: SyntaxError");
- echo "Unable to parse XML.";
- return;
- }
- //stage 2: extract data from XML
- $doc=$xml->documentElement;
- $eventid=trim($doc->getAttribute("id"));
- $start=trim($doc->getAttribute("start"))+0;
- $end=trim($doc->getAttribute("end"))+0;
- $capacity=trim($doc->getAttribute("capacity"))+0;
- $defaultprice=trim($doc->getAttribute("defaultprice"))+0;
- $title=$artist=$description=$room=$cancelreason="";
- foreach($doc->getElementsByTagName("Title") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $title=trim($cn->wholeText);
- foreach($doc->getElementsByTagName("Artist") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $artist=trim($cn->wholeText);
- foreach($doc->getElementsByTagName("Description") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $description=trim($cn->wholeText);
- foreach($doc->getElementsByTagName("Room") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $room=trim($cn->wholeText);
- foreach($doc->getElementsByTagName("CancelReason") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $cancelreason=trim($cn->wholeText);
- //stage 3: validate input
- if(ereg("^([0-9]+)|(new)$",$eventid)===false){
- header("X-MagicSmoke-Status: Error");
- echo "Invalid Event ID, must be positive integer or 'new'.";
- return;
- }
- if($title==""){
- header("X-MagicSmoke-Status: Error");
- echo "Empty Title.";
- return;
- }
- if($artist==""){
- header("X-MagicSmoke-Status: Error");
- echo "No Artist.";
- return;
- }
- $db->beginTransaction();
- $res=$db->select("room","roomid","roomid=".$db->escapeString($room));
- if(count($res)<1){
- //end DB transaction
- $db->rollbackTransaction();
- //error
- header("X-MagicSmoke-Status: Error");
- echo "Invalid Room.";
- return;
- }
-
- //stage 4: call DB
- $data["title"]=$title;
- $data["artist"]=$artist;
- $data["description"]=$description;
- $data["starttime"]=$start;
- $data["endtime"]=$end;
- $data["roomid"]=$room;
- $data["capacity"]=$capacity;
- $data["defaultprice"]=$defaultprice;
- if($eventid=="new"){
- //create event
- $eventid=$db->insert("event",$data);
- if($eventid===false){
- header("X-MagicSmoke-Status: Error");
- echo "Error accessing database.";
- return;
- }
- }else{
- //check ID
- $eventid=$eventid+0;
- $res=$db->select("event","eventid,cancelreason","eventid=".$eventid);
- if(count($res)==0){
- header("X-MagicSmoke-Status: Error");
- echo "Invalid Event: eventid does not exist in database.";
- $db->rollbackTransaction();
- return;
- }
- if($res[0]["cancelreason"]!==NULL && $res[0]["cancelreason"]!="")
- $data["cancelreason"]=$cancelreason." ";
- $db->update("event",$data,"eventid=".$eventid);
- }
- $db->commitTransaction();
- header("X-MagicSmoke-Status: Ok");
- echo $eventid;
-}
-
-/**machine interface: get XML data for event summary*/
-function getEventSummaryXml($evid)
-{
- global $db;
- //collect statistics
- $res=$db->select("ticket","price,status,orderid","eventid=".$db->escapeInt($evid));
- $tcreserve=0;
- $tccancel=0;
- $totalmoney=0;
- $total=0;
- $tcbought=array();
- $tcused=array();
- $tcall=array();
- $oids=array();
- $soids="";
- foreach($res as $tc){
- switch($tc["status"]){
- case TICKET_RESERVED:$tcreserve++;break;
- case TICKET_CANCELLED:$tccancel++;break;
- case TICKET_BOUGHT:
- if(isset($tcbought[$tc["price"]]))
- $tcbought[$tc["price"]]++;
- else
- $tcbought[$tc["price"]]=1;
- if(isset($tcall[$tc["price"]]))
- $tcall[$tc["price"]]++;
- else
- $tcall[$tc["price"]]=1;
- $totalmoney+=$tc["price"];
- $total++;
- break;
- case TICKET_USED:
- if(isset($tcused[$tc["price"]]))
- $tcused[$tc["price"]]++;
- else
- $tcused[$tc["price"]]=1;
- if(isset($tcall[$tc["price"]]))
- $tcall[$tc["price"]]++;
- else
- $tcall[$tc["price"]]=1;
- $totalmoney+=$tc["price"];
- $total++;
- break;
- }
- if($tc["orderid"]!==false && !in_array($tc["orderid"],$oids)){
- $oids[]=$tc["orderid"];
- $soids.=" ".$tc["orderid"];
- }
- }
- //get comments
- sort($oids);
- $comments=array();
- foreach($oids as $oid){
- $res=$db->select("order","comments,customerid","orderid=".$db->escapeInt($oid));
- if($res===false || count($res)==0)continue;
- if($res[0]["comments"]===false || trim($res[0]["comments"])=="")continue;
- $res2=$db->select("customer","name","customerid=".$db->escapeInt($res[0]["customerid"]));
- if($res2===false || count($res2)==0)continue;
- $comments[]=array("cid"=>$res[0]["customerid"],"cs"=>$res2[0]["name"],"cm"=>$res[0]["comments"],"oid"=>$oid);
- }
- //create XML
- $xml=new DomDocument;
- $doc=$xml->createElement("EventSummary");
- $doc->setAttribute("reserved",$tcreserve);
- $doc->setAttribute("cancelled",$tccancel);
- $doc->setAttribute("totaltickets",$total);
- $doc->setAttribute("totalmoney",$totalmoney);
- $doc->setAttribute("event",$evid);
- $prices=array_keys($tcall);
- sort($prices);
- foreach($prices as $price){
- $p=$xml->createElement("Tickets");
- $p->setAttribute("price",$price);
- $p->setAttribute("bought",$tcall[$price]);
- if(isset($tcbought[$price]))
- $p->setAttribute("unused",$tcbought[$price]);
- else
- $p->setAttribute("unused",0);
- if(isset($tcused[$price]))
- $p->setAttribute("used",$tcused[$price]);
- else
- $p->setAttribute("used",0);
- $doc->appendChild($p);
- }
- foreach($comments as $comment){
- $p=$xml->createElement("Comment");
- $p->setAttribute("customerid",$comment["cid"]);
- $p->setAttribute("customer",$comment["cs"]);
- $p->setAttribute("orderid",$comment["oid"]);
- $p->appendChild($xml->createTextNode($comment["cm"]));
- $doc->appendChild($p);
- }
- $doc->appendChild($xml->createElement("Orders",trim($soids)));
- $xml->appendChild($doc);
- header("X-MagicSmoke-Status: Ok");
- print($xml->saveXml());
-}
-
-function cancelEventXml($data)
-{
- $lst=explode("\n",$data);
- if(count($lst)!=2){
- header("X-MagicSmoke-Status: Error");
- die(tr("Malformed request."));
- }
- $eid=trim($lst[0]);
- if(!is_numeric($eid)){
- header("X-MagicSmoke-Status: Error");
- die(tr("The event id must be numeric."));
- }
- $eid=$eid+0;
- if($eid<0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Invalid event id."));
- }
- //check event id
- global $db;
- $db->beginTransaction();
- $res=$db->select("event","eventid,cancelreason","eventid=".$db->escapeInt($eid));
- if(count($res)<1){
- header("X-MagicSmoke-Status: Error");
- $db->rollbackTransaction();
- die(tr("Invalid event id."));
- }
- //update cancelreason
- $db->update("event",array("cancelreason"=>(trim($lst[1])." ")),"eventid=".$db->escapeInt($eid));
- //propagate to tickets (does not hurt to do this multiple times)
- $db->update("ticket",array("status"=>TICKET_CANCELLED),"eventid=".$db->escapeInt($eid)." AND status!=".$db->escapeInt(TICKET_USED));
- $db->commitTransaction();
- header("X-MagicSmoke-Status: Ok");
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: order
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/* TRANSLATOR php:: */
-
-/**an order has been placed, this flag is set when the order is filled and finalized*/
-define("ORDER_PLACED",0);
-/**the order has been sent out (it must be placed first; direct sales are automatically sent)*/
-define("ORDER_SENT",1);
-/**the order has been sold directly, alias for ORDER_SENT */
-define("ORDER_SOLD",1);
-/**the order has been cancelled by the user (this is only possible as long as no money has been paid and nothing has been sent yet)*/
-define("ORDER_CANCELLED",2);
-/**the order is on reservation status: it is placed, but is waiting for confirmation, hence no shipment is possible and the tickets cannot be used*/
-define("ORDER_RESERVED",4);
-/**the order has been finalized; no more changes possible; TODO: define exactly what this means*/
-define("ORDER_CLOSED",0x80);
-
-/**order validation: output XML*/
-define("VALIDATEORDER_XML",1);
-/**order validation: return whether it can be ordered (no XML)*/
-define("VALIDATEORDER_ORDER",2);
-/**order validation: return whether it can be sold (no XML)*/
-define("VALIDATEORDER_SALE",3);
-
-
-
-/**this class represents an order in the database*/
-class Order
-{
- //cache
- private $orderid=false;
- private $status=false;
- private $customerid=false;
- private $deliveryaddress="";
- private $comment="";
- private $seller=false;
- private $amountpaid=0;
- private $ordertime=false;
- private $senttime=false;
- private $shippingcosts=0;
- private $shippingtype=false;
- //to be submitted
- private $newtickets;
- private $newticketamounts;
- private $newvouchers;
-
- /**instantiates an existing order with the given orderid or creates a new one if orderid===false*/
- public function __construct($orderid=false)
- {
- global $db;
- if($orderid!==false){
- //get it from DB
- $res=$db->select("order","*","orderid=".$db->escapeInt($orderid));
- if(count($res)==0){
- return;
- }
- $this->orderid=$res[0]["orderid"];
- $this->status=$res[0]["status"];
- $this->customerid=$res[0]["customerid"];
- $this->deliveryaddress=$res[0]["deliveryaddress"];
- $this->comment=$res[0]["comments"];
- $this->seller=$res[0]["soldby"];
- $this->amountpaid=$res[0]["amountpaid"];
- $this->ordertime=$res[0]["ordertime"];
- $this->senttime=$res[0]["senttime"];
- if(!$db->isNull($res[0]["shippingtype"])){
- $this->shippingcosts=$res[0]["shippingcosts"]+0;
- $this->shippingtype=$res[0]["shippingtype"];
- }
- }
- $this->newtickets=array();
- $this->newticketamounts=array();
- $this->newvouchers=array();
- }
-
- /**returns whether the order can still be changed; this does not affect the modify routines*/
- public function canChange()
- {
- return $this->status == false;
- }
-
- /**returns whether the order is a valid DB object*/
- public function isValid()
- {
- return $this->orderid!==false;
- }
-
- /**returns the sent time as unix timestamp*/
- public function getSentTime()
- {
- return $this->senttime;
- }
-
- /**removes all items from the given Cart and enters them into itself; returns false if some items cannot be ordered or the order is already closed*/
- public function emptyCart($cart)
- {
- //check carts contents
- if(count($cart->orderCheck())>0)return false;
- //check myself
- if(!$this->canChange())return false;
- //get tickets
- $tick=$cart->getTickets();
- if(count($tick)>0)
- foreach($tick as $k=>$tc){
- $eid=$tc->getEventId();
- $amt=$tc->getAmount();
- $tc->changeAmount(0);
- for($i=0;$i<$amt;$i++)
- $this->newtickets[$eid][]=-1;
- }
- //TODO: get vouchers
-
- //get other fields
- if (!isEmpty($cart->getShippingAddress()))
- $this->deliveryaddress=$cart->getShippingAddress();
- else {
- $customer = new Customer($this->customerid);
- if ($customer->isValid())
- $this->deliveryaddress=$customer->getAddress();
- }
- $this->comment=$cart->getOrderComments();
- return true;
- }
-
- /**used by XML functions: add a single ticket for an event*/
- public function addTicket($eid,$price=-1)
- {
- $this->newtickets[$eid][]=$price;
- }
-
- /**used by XML functions: add a voucher (if value is omitted it equals price); returns true on success*/
- public function addVoucher($value,$price=false)
- {
- if(!is_numeric($value))return false;
- if($price===false)$price=$value;
- if(!is_numeric($price))return false;
- if($price<0 || $value<=0)return false;
- $this->newvouchers[]=array("price"=>$price,"value"=>$value);
- return true;
- }
-
- /**sets the customer of this order; returns true on success, false on failure*/
- public function setCustomer($cust)
- {
- global $db;
- if(!$this->canChange() || !$cust->isValid())return false;
- $this->customerid=$cust->getID();
- return true;
- }
-
- /**sets the customer of this order; returns true on success, false on failure*/
- public function setCustomerId($cust)
- {
- return $this->setCustomer(new Customer($cust));
- }
-
- /**sets the shipping type/price of the order; if price is omitted, it is taken from the DB; if type is false it means no shipping involved; returns true on success*/
- public function setShipping($stype,$sprice=false)
- {
- if(!$this->canChange())return false;
- //check for no shipping
- if($stype===false){
- $this->shippingtype=false;
- $this->shippingcosts=0;
- }
- //get DB data, check that type exists
- global $db;
- $res=$db->select("shipping","cost","shipid=".$db->escapeInt($stype));
- if($res===false || count($res)<1)return false;
- //check price
- if($sprice===false)$sprice=$res[0]["cost"];
- //remember
- $this->shippingtype=$stype+0;
- $this->shippingcosts=$sprice+0;
- return true;
- }
-
- /**places/finalizes the order; returns false on failure, true on success or if the order already was finalized()*/
- public function placeOrder($inistate=ORDER_PLACED)
- {
- //sanity check
-// print(1);
- if(!$this->canChange())return false;
- if((count($this->newtickets)+count($this->newvouchers))==0)return false;
- switch($inistate){
- case ORDER_PLACED:
- case ORDER_RESERVED:
- case ORDER_SOLD:
- //ok, understood
- break;
- default:
- //don't understand anything else
- return false;
- break;
- }
-// print("a");
- global $db,$session;
- $db->beginTransaction();
- if(!$this->validateOrder($inistate==ORDER_SOLD?VALIDATEORDER_SALE:VALIDATEORDER_ORDER)){
- $db->rollbackTransaction();
- return false;
- }
-// print(2);
- //create order, incl shipping
- $this->status=$inistate;
- if(isset($session))$usr=$session->getUser();
- else $usr=false;
- $this->seller=$usr;
- $this->ordertime=time();
- $this->amountpaid=0;
- $this->orderid=$db->insert("order",array("customerid"=>$this->customerid,"soldby"=>$usr,"deliveryaddress"=>$this->deliveryaddress,"status"=>$this->status,"ordertime"=>$this->ordertime,"comments"=>$this->comment,"amountpaid"=>0,"shippingtype"=>$this->shippingtype,"shippingcosts"=>$this->shippingcosts));
-// print(3);
- //orderid ok?
- if($this->orderid===false){
- $db->rollbackTransaction();
- return false;
- }
- //insert tickets
- $totalprice=$this->shippingcosts;
- foreach($this->newtickets as $evid=>$tcs){
- $amount=count($tcs);
- for($i=0;$i<$amount;$i++){
- $tick=new Ticket;
- $tick->setEventId($evid);
- if($tcs[$i]>=0)$tick->setPrice($tcs[$i]);
- $tick->addToOrder($this->orderid);
- $totalprice+=$tick->getPrice();
- //TODO: check return code of addToOrder
- }
- }
- //insert vouchers
- foreach($this->newvouchers as $vc){
- $vouc=new Voucher;
- $vouc->addToOrder($this->orderid,$vc["price"],$vc["value"]);
- $totalprice+=$vc["price"];
- //TODO: check return code of addToOrder
- }
- //update amountpaid for sales
- if($inistate==ORDER_SOLD){
- $db->update("order",array("amountpaid"=>$totalprice,"status"=>ORDER_SENT),"orderid=".$db->escapeInt($this->orderid));
- $this->status=ORDER_SENT;
- $this->amountpaid=$totalprice;
- }
-// print(4);
- $db->mkLog(array("orderid"=>$this->orderid,"orderpaid"=>$this->amountpaid,"orderdue"=>$totalprice),tr("create order"));
- //end
- $db->commitTransaction();
- return true;
- }
-
- /**validates the order against the database; returns whether it can be opened as an order; $mode must be one of the VALIDATEORDER_* constants; prints an order object fit for checkorder if $mode is VALIDATEORDER_XML*/
- public function validateOrder($mode)
- {
- global $db;
- $dumpxml=$mode==VALIDATEORDER_XML;
- $isSale=$mode==VALIDATEORDER_SALE;
- $ret=true;
- $price=0;
- $ostat="ok";
- $xml=new DomDocument;
- $ord=$xml->createElement("Order");
- //check customer
- $res=$db->select("customer","customerid","customerid=".$db->escapeInt($this->customerid));
- if(count($res)<1){
- //no customer: cannot work
- if($dumpxml===false)return false;
- $ostat="fail";
- $ret=false;
- $ord->setAttribute("customer","-1");
- }else
- $ord->setAttribute("customer",$this->customerid);
- //check tickets
- $orderstop=($db->getConfig("OrderStop")+0)*3600;
- $salestop=($db->getConfig("SaleStop")+0)*3600;
- $curtime=time();
- $totalprice=0;
- $ftid=0;
- foreach($this->newtickets as $evid => $tcs){
- $amount=count($tcs);
- $evt=new Event($evid);
- //check whether the event exists
- if(!$evt->exists()){
- if($dumpxml===false)return false;
- //create only one ticket and make it sound negative
- $ev=$xml->createElement("Ticket");
- $ev->setAttribute("event",$evid);
- $ev->setAttribute("status","invalid");
- $ev->setAttribute("id",$ftid++);
- $ord->appendChild($ev);
- $ret=false;
- $ostat="fail";
- continue;
- }
- $stime=$evt->getStartTime();
- $etime=$evt->getEndTime();
- $estat="ok";
- //check whether we can still order
- if(($stime-$orderstop)<=$curtime){
- $estat="saleonly";
- //if this is an order: can't do it
- if(!$isSale){
- $ret=false;
- if($dumpxml===false)
- return false;
- }
- }
- //check whether we can still sell
- if(($etime-$salestop)<=$curtime){
- if($estat=="ok")$estat="orderonly";
- else $estat="toolate";
- //if this is a sale: can't do it
- if($isSale){
- $ret=false;
- if($dumpxml===false)
- return false;
- }
- }
- //set order state
- if($estat!="ok"){
- if($ostat=="ok")$ostat=$estat;
- else if($ostat!=$estat)$ostat="fail";
- }
- //create matching error XML for total order+sale failure
- if($estat=="toolate"){
- //create only one ticket and make it sound negative
- $ev=$xml->createElement("Ticket");
- $ev->setAttribute("event",$evid);
- $ev->setAttribute("status",$estat);
- $ev->setAttribute("id",$ftid++);
- if($estat!="toolate")
- $ev->setAttribute("price",$evt->getDefaultPrice());
- $ord->appendChild($ev);
- continue;
- }
- //check whether event is cancelled
- if($evt->isCancelled()){
- if($dumpxml===false)return false;
- //create only one ticket and make it sound negative
- $ev=$xml->createElement("Ticket");
- $ev->setAttribute("event",$evid);
- $ev->setAttribute("status","cancelled");
- $ev->setAttribute("id",$ftid++);
- $ord->appendChild($ev);
- $ret=false;
- continue;
- }
- //check whether enough tickets are available
- $avail=$evt->availableTicketAmount();
- if($avail<$amount){
- if($dumpxml===false)return false;
- //create a few (semi-)good ones
- for($i=0;$i<$avail;$i++){
- $ev=$xml->createElement("Ticket");
- $ev->setAttribute("event",$evid);
- $ev->setAttribute("status",$estat);
- $ev->setAttribute("price",$evt->getDefaultPrice());
- $ev->setAttribute("id",$ftid++);
- $ord->appendChild($ev);
- $totalprice+=$evt->getDefaultPrice();
- }
- //create only one bad ticket
- $ev=$xml->createElement("Ticket");
- $ev->setAttribute("event",$evid);
- $ev->setAttribute("status","exhausted");
- $ev->setAttribute("id",$ftid++);
- $ord->appendChild($ev);
- $ostat="fail";
- $ret=false;
- continue;
- }
- //survived all tests: finally create (semi-)good tickets
- for($i=0;$i<$amount;$i++){
- $ev=$xml->createElement("Ticket");
- $ev->setAttribute("event",$evid);
- $ev->setAttribute("status",$estat);
- $ev->setAttribute("price",$evt->getDefaultPrice());
- $ev->setAttribute("id",$ftid++);
- $ord->appendChild($ev);
- $totalprice+=$evt->getDefaultPrice();
- }
- }
-
- //check vouchers
- global $session;
- $cananyvval=$session->canExecute("_anyvoucher");
- $cananyvprc=$session->canExecute("_anypricevoucher");
- $vvals=array();
- foreach(explode(" ",$db->getConfig("ValidVouchers")) as $v)$vvals[]=$v+0;
- foreach($this->newvouchers as $vc){
- $vx=$xml->createElement("Voucher");
- $vx->setAttribute("price",$vc["price"]);
- $vx->setAttribute("value",$vc["value"]);
- $vx->setAttribute("id",$ftid++);
- //check for valid value
- if(!$cananyvval && !in_array($vc["value"],$vvals)){
- $vx->setAttribute("status",tr("invalidvalue","voucher state"));
- $ostat="fail";
- $ret=false;
- }else
- //check for value==price
- if(!$cananyvprc && $vc["price"]!=$vc["value"]){
- $vx->setAttribute("status",tr("invalidprice","voucher state"));
- $ostat="fail";
- $ret=false;
- }else
- $totalprice+=$vc["price"];
- //dump it
- $ord->appendChild($vx);
- }
-
- //check shipping
- if($this->shippingtype!==false){
- $cananyship=$session->canExecute("_anyshipping");
- $cananysprc=$session->canExecute("_repriceshipping");
- //check shipping type exists
- $res=$db->select("shipping","*","shipid=".$db->escapeInt($this->shippingtype));
- $sp=$xml->createElement("Shipping");
- if($res!==false && count($res)>0){
- //check user has right to use this
- if(!$res[0]["canallusers"] && !$cananyship){
- $sp->setAttribute("type","-1");
- $sp->setAttribute("price",0);
- $sp->appendChild($xml->createTextNode(tr("Shipping type not available to user.")));
- $ostat="fail";
- $ret=false;
- }else{
- //correct price
- if(!$cananysprc)
- $this->shippingcosts=$res[0]["cost"];
- //create target
- $sp->setAttribute("type",$this->shippingtype);
- $sp->setAttribute("price",$this->shippingcosts);
- $sp->appendChild($xml->createTextNode($res[0]["description"]));
- //add to sum
- $totalprice+=$this->shippingcosts;
- }
- }else{
- $sp->setAttribute("type","-1");
- $sp->setAttribute("price",0);
- $sp->appendChild($xml->createTextNode(tr("Illegal shipping type.")));
- $ostat="fail";
- $ret=false;
- }
- $ord->appendChild($sp);
- }
-
- //add other data and dump XML
- if($dumpxml){
- $ord->appendChild($xml->createElement("DeliveryAddress",xq($this->deliveryaddress)));
- $ord->appendChild($xml->createElement("Comment",xq($this->comment)));
- $ord->setAttribute("status",$ostat);
- $ord->setAttribute("totalprice",$totalprice);
- $xml->appendChild($ord);
- print($xml->saveXml());
- }
- //return result of tests
- return $ret;
- }
-
- /**returns the ID of this order or false if it is not in the database yet*/
- public function getOrderId()
- {
- return $this->orderid;
- }
-
- /**dumps the whole order as XML*/
- public function dumpXml()
- {
- $xml=new DomDocument;
- $doc=$xml->createElement("Order");
- $doc->setAttribute("id",$this->orderid);
- $doc->setAttribute("customer",$this->customerid);
- $doc->setAttribute("seller",$this->seller);
- $doc->setAttribute("ordertime",$this->ordertime);
- $doc->setAttribute("paid",$this->amountpaid);
- switch($this->status){
- case ORDER_PLACED:
- $doc->setAttribute("status","placed");
- break;
- case ORDER_SENT:
- $doc->setAttribute("status","sent");
- break;
- case ORDER_CANCELLED:
- $doc->setAttribute("status","cancelled");
- break;
- case ORDER_RESERVED:
- $doc->setAttribute("status","reserved");
- break;
- case ORDER_CLOSED:
- $doc->setAttribute("status","closed");
- break;
- default:
- $doc->setAttribute("status","error");
- break;
- }
- $doc->setAttribute("senttime",$this->senttime);
- //add Tickets
- $totalprice=0;
- global $db;
- $res=$db->select("ticket","ticketid","orderid=".$db->escapeInt($this->orderid));
- if($res!==false && count($res)>0)
- foreach($res as $tc){
- $tick=new Ticket($tc["ticketid"]);
- $tx=$xml->createElement("Ticket");
- $tx->setAttribute("event",$tick->getEventId());
- $tx->setAttribute("id",$tick->getTicketID());
- $tx->setAttribute("price",$tick->getPrice());
- $tx->setAttribute("status",$tick->xmlStatus());
- if($tick->mustBePaid())$totalprice+=$tick->getPrice();
- $doc->appendChild($tx);
- }
- //add vouchers
- $res=$db->select("voucher","voucherid,price,value,isused","orderid=".$db->escapeInt($this->orderid));
- if($res!==false && count($res)>0)
- foreach($res as $vc){
- $vx=$xml->createElement("Voucher");
- $vx->setAttribute("id",$vc["voucherid"]);
- $vx->setAttribute("price",$vc["price"]);
- $vx->setAttribute("value",$vc["value"]);
- $vx->setAttribute("used",$vc["isused"]?"1":"0");
- $totalprice+=$vc["price"];
- $doc->appendChild($vx);
- }
-
- //add shipping
- if($this->shippingtype !== false){
- $sx=$xml->createElement("Shipping");
- $sx->setAttribute("price",$this->shippingcosts);
- $sx->setAttribute("type",$this->shippingtype);
- $res=$db->select("shipping","*","shipid=".$db->escapeInt($this->shippingtype));
- if($res!==false && count($res)>0){
- $sx->appendChild($xml->createTextNode($res[0]["description"]));
- }
- $doc->appendChild($sx);
- if($this->status==ORDER_PLACED || $this->status==ORDER_SENT || $this->status==ORDER_RESERVED)
- $totalprice+=$this->shippingcosts;
- }
-
- //add sum
- $doc->setAttribute("totalprice",$totalprice);
-
- //add static fields
- $doc->appendChild($xml->createElement("DeliveryAddress",xq($this->deliveryaddress)));
- $doc->appendChild($xml->createElement("Comment",xq($this->comment)));
-
- //dump
- $xml->appendChild($doc);
- print($xml->saveXml());
- }
-
- /**returns the current status of the order*/
- public function getStatus()
- {
- return $this->status;
- }
-
- /**helper function: returns the total price of the order*/
- public function totalPrice()
- {
- global $db;
- //calculate amount due
- $totalprice=0;
- $res=$db->select("ticket","ticketid","orderid=".$db->escapeInt($this->orderid));
- if($res!==false && count($res)>0)
- foreach($res as $tc){
- $tick=new Ticket($tc["ticketid"]);
- if($tick->mustBePaid())$totalprice+=$tick->getPrice();
- }
- //add vouchers
- $res=$db->select("voucher","price","orderid=".$db->escapeInt($this->orderid));
- if($res!==false && count($res)>0)
- foreach($res as $vc){
- $totalprice+=$vc["price"];
- }
- //add shipping
- if($this->status==ORDER_PLACED || $this->status==ORDER_RESERVED || $this->status==ORDER_SENT)
- $totalprice+=$this->shippingcosts;
- return $totalprice;
- }
-
- /**helper function: returns the amount due to be paid; returns a negative value for refunds*/
- public function amountDue()
- {
- //compare with what has been paid, return diff
- return $this->totalPrice()-$this->amountpaid;
- }
-
- /**returns the amount already paid*/
- public function amountPaid()
- {
- return $this->amountpaid;
- }
-
- /**helper function: returns whether the order has outstanding payments/refunds*/
- public function getPaymentStatus()
- {
- $adue=$this->amountDue();
- if($adue==0)return "ok";
- if($adue<0)return "needrefund";
- else return "needpayment";
- }
-
- /**sets the order to being shipped, returns true on success*/
- public function setShipped($stm=-1)
- {
- if(!$this->isValid())return false;
- if($this->status!=ORDER_PLACED)return false;
- global $db;
- if($stm<0)$stm=time();
- $this->senttime=$stm;
- $db->update("order",array("status"=>ORDER_SENT,"senttime"=>$this->senttime),"orderid=".$db->escapeInt($this->orderid));
- return true;
- }
-
- /**sets the order to being cancelled, returns true on success*/
- public function setCancelled()
- {
- global $db;
- $db->beginTransaction();
- //check validity and status
- $res=$db->select("order","status","orderid=".$db->escapeInt($this->orderid));
- if($res===false || count($res)<1){
- $db->rollbackTransaction();
- return false;
- }
- if($res[0]["status"]!=ORDER_PLACED && $res[0]["status"]!=ORDER_RESERVED){
- $db->rollbackTransaction();
- return false;
- }
- //TODO: handle orders that have been sent, but are rolled back now
- //check tickets
- $res=$db->select("ticket","status","orderid=".$db->escapeInt($this->orderid));
- for($i=0;$i<count($res);$i++){
- if($res[$i]["status"]==TICKET_USED){
- $db->rollbackTransaction();
- return false;
- }
- }
- //check vouchers
- $res=$db->select("voucher","price,isused,value","orderid=".$db->escapeInt($this->orderid));
- for($i=0;$i<count($res);$i++){
- //already cancelled?
- if($res[$i]["price"]==0 &&$res[$i]["value"]==0)
- continue;
- //unused?
- if(!$res[$i]["isused"])
- continue;
- //else fail
- $db->rollbackTransaction();
- return false;
- }
- //propagate to tickets
- $db->update("ticket",array("status"=>TICKET_CANCELLED),"orderid=".$db->escapeInt($this->orderid));
- //propagate to vouchers
- $db->update("voucher",array("price"=>0,"value"=>0,"isused"=>0),"orderid=".$db->escapeInt($this->orderid));
- //set order to cancelled
- $db->update("order",array("status"=>ORDER_CANCELLED,"senttime"=>time()),"orderid=".$db->escapeInt($this->orderid));
- $db->mkLog(array("orderid"=>$this->orderid,"orderdue"=>0,"orderpaid"=>$this->amountpaid),tr("order cancelled"));
- $db->commitTransaction();
- return true;
- }
-
- /**creating orders: set a delivery address*/
- public function setDeliveryAddress($da)
- {
- $this->deliveryaddress=trim($da);
- }
-
- /**creating orders: set comment*/
- public function setComment($cm)
- {
- $this->comment=trim($cm);
- }
-
- /**change a reservation into an order or sale*/
- public function changeReservation($mode)
- {
- global $db;
- $db->beginTransaction();
- //check current status
- $res=$db->select("order","status","orderid=".$db->escapeInt($this->orderid));
- if($res===false || count($res)<1){
- $db->rollbackTransaction();
- return false;
- }
- if($res[0]["status"]!=ORDER_RESERVED){
- $db->rollbackTransaction();
- return false;
- }
- //set new status
- $due=$this->totalPrice();
- $set=array("status"=>$mode,"amountpaid"=>0);
- if($mode==ORDER_SOLD)
- $set["amountpaid"]=$due;
- $db->update("order",$set,"orderid=".$db->escapeInt($this->orderid));
- $db->mkLog(array("orderid"=>$this->orderid,"orderpaid"=>$set["amountpaid"],"orderdue"=>$due),tr("reservation to order"));
- $db->commitTransaction();
- return true;
- }
-};
-
-function createOrderXml($xmldata,$action)
-{
- //parse XML data and fill order object
- $order=new Order;
- $xml=new DomDocument;
- $xml->loadXml($xmldata);
- $doc=$xml->documentElement;
- $cust=$doc->getAttribute("customer")+0;
- $order->setCustomerId($cust);
- global $session;
- $canprice=$session->canExecute("changeticketprice");
- //get tickets
- foreach($doc->getElementsByTagName("Ticket") as $tc){
- if($canprice){
- $price=trim($tc->getAttribute("price"));
- if($price=="" || !is_numeric($price))$price=-1;
- else $price=$price+0;
- }else $price=-1;
- $order->addTicket($tc->getAttribute("event")+0,$price);
- }
- //get vouchers
- foreach($doc->getElementsByTagName("Voucher") as $vc){
- $v=trim($vc->getAttribute("value"));
- if($vc->hasAttribute("price"))
- $p=trim($vc->getAttribute("price"));
- else
- $p=false;
- $order->addVoucher($v,$p);
- }
-
- //get shipping
- foreach($doc->getElementsByTagName("Shipping") as $sp){
- if($sp->hasAttribute("price"))
- $p=trim($sp->getAttribute("price"));
- else
- $p=false;
- $t=trim($sp->getAttribute("type"));
- $order->setShipping($t,$p);
- }
-
- //get opt. address
- foreach($doc->getElementsByTagName("DeliveryAddress") as $da){
- foreach($da->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $order->setDeliveryAddress($cn->wholeText);
- }
- foreach($doc->getElementsByTagName("Comment") as $da){
- foreach($da->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $order->setComment($cn->wholeText);
- }
- //get opt. comment
- //check action
- switch($action){
- case "check":
- // check order
- header("X-MagicSmoke-Status: Ok");
- $order->validateOrder(VALIDATEORDER_XML);
- break;
- case "order":
- // create order
- if($order->placeOrder()){
- header("X-MagicSmoke-Status: Ok");
- $order->dumpXml();
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Cannot place order, sorry."));
- }
- break;
- case "sell":
- //create order
- if($order->placeOrder(ORDER_SOLD)){
- header("X-MagicSmoke-Status: Ok");
- //finalize sale
- $order->dumpXml();
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Cannot place sale, sorry."));
- }
- break;
- case "reserve":
- // create order
- if($order->placeOrder(ORDER_RESERVED)){
- header("X-MagicSmoke-Status: Ok");
- $order->dumpXml();
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Cannot place order, sorry."));
- }
- break;
- default:
- header("X-MagicSmoke-Status: Error");
- die(tr("Internal Error: unknown action."));
- }
-}
-
-//returns an overview over all orders
-function getOrderListXml($where="")
-{
- global $db;
- $xml=new DomDocument;
- $doc=$xml->createElement("OrderList");
- $res=$db->select("order","orderid,customerid,status,amountpaid,shippingtype,shippingcosts",$where,"ORDER BY orderid DESC");
- foreach($res as $ord){
- $price=0;
- //check shipping
- if(!$db->isNull($ord["shippingtype"]))
- $price+=$ord["shippingcosts"];
- //collect tickets
- $tres=$db->select("ticket","price,status","orderid=".$db->escapeInt($ord["orderid"]));
- foreach($tres as $tc)
- if(($tc["status"]&TICKET_MPAY)!=0)
- $price+=$tc["price"];
- //collect vouchers
- $tres=$db->select("voucher","price","orderid=".$db->escapeInt($ord["orderid"]));
- foreach($tres as $tc)
- $price+=$tc["price"];
- //generate XML
- $ox=$xml->createElement("Order");
- $ox->setAttribute("id",$ord["orderid"]);
- $ox->setAttribute("customer",$ord["customerid"]);
- $ox->setAttribute("totalprice",$price);
- $ox->setAttribute("paid",$ord["amountpaid"]);
- switch($ord["status"]){
- case ORDER_PLACED:
- $ox->setAttribute("status","placed");
- break;
- case ORDER_SENT:
- $ox->setAttribute("status","sent");
- break;
- case ORDER_CANCELLED:
- $ox->setAttribute("status","cancelled");
- break;
- case ORDER_RESERVED:
- $ox->setAttribute("status","reserved");
- break;
- case ORDER_CLOSED:
- $ox->setAttribute("status","closed");
- break;
- default:
- $ox->setAttribute("status","error");
- break;
- }
- //add to XML
- $doc->appendChild($ox);
- }
- $xml->appendChild($doc);
- //output
- header("X-MagicSmoke-Status: Ok");
- print($xml->saveXml());
-}
-
-function getOrderXml($oid)
-{
- $order=new Order($oid);
- if($order->isValid()){
- header("X-MagicSmoke-Status: Ok");
- $order->dumpXml();
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("No such orderID in database."));
- }
-}
-
-//pay or refund
-function orderPayXml($data,$factor)
-{
- //split data
- $dlst=explode(" ",trim($data));
- if(count($dlst)!=2){
- header("X-MagicSmoke-Status: Error");
- die(tr("Expected 2 arguments."));
- }
- //check that order id is int
- $oid=$dlst[0]+0;
- if(!is_numeric($dlst[0])||$oid<0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Invalid Order ID")." $oid $dlst[0]");
- }
- //check amount
- $amt=round($dlst[1]+0);
- if($amt<=0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Expected positive amount."));
- }
- //check that order exists
- global $db;
- $db->beginTransaction();
- $res=$db->select("order","amountpaid,status","orderid=".$db->escapeInt($oid));
- if(count($res)<1){
- $db->rollbackTransaction();
- header("X-MagicSmoke-Status: Error");
- die(tr("Order does not exist."));
- }
- //check status
- if($res[0]["status"]==ORDER_CLOSED){
- $db->rollbackTransaction();
- header("X-MagicSmoke-Status: Error");
- die(tr("Order cannot be changed, it is closed."));
- }
- if($res[0]["status"]==ORDER_RESERVED){
- $db->rollbackTransaction();
- header("X-MagicSmoke-Status: Error");
- die(tr("Order cannot be paid for, it is only a reservation. Order or sell it first!"));
- }
- //correct DB
- $amt2=$res[0]["amountpaid"]+($amt*$factor);
- $db->update("order",array("amountpaid"=>$amt2),"orderid=".$db->escapeInt($oid));
- $db->mkLog(array("orderid"=>$oid,"orderpaid"=>$amt2,"moved"=>$amt),$factor>0?tr("payment"):tr("refund"));
- $db->commitTransaction();
- //output
- header("X-MagicSmoke-Status: Ok");
- echo $amt2;
-}
-
-//mark order as shipped
-function orderShippedXml($txt)
-{
- $spl=split("\n",$txt);
- $oid=trim($spl[0]);
- if(!is_numeric($oid)){
- header("X-MagicSmoke-Status: Error");
- die(tr("Order ID must be numeric."));
- }
- $oid=$oid+0;
- if($oid<0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Order ID is invalid."));
- }
- $ord=new Order($oid);
- if(!$ord->isValid()){
- header("X-MagicSmoke-Status: Error");
- die(tr("Order ID is invalid."));
- }
- //check for date (-1=now)
- global $session;
- $sd=-1;
- if(count($spl)>1 && $session->canExecute("_explicitshipdate")){
- $sd=trim($spl[1]);
- if(is_numeric($sd))$sd=$sd+0;
- else $sd=-1;
- }
- //set it
- if($ord->setShipped($sd)){
- header("X-MagicSmoke-Status: Ok");
- print($ord->getSentTime());
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Wrong state, cannot set order to shipped."));
- }
-}
-
-//mark order as cancelled
-function orderCancelXml($oid)
-{
- if(!is_numeric($oid)){
- header("X-MagicSmoke-Status: Error");
- die(tr("Order ID must be numeric."));
- }
- $oid=$oid+0;
- if($oid<0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Order ID is invalid."));
- }
- $ord=new Order($oid);
- if(!$ord->isValid()){
- header("X-MagicSmoke-Status: Error");
- die(tr("Order ID is invalid."));
- }
- if($ord->setCancelled()){
- header("X-MagicSmoke-Status: Ok");
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Wrong state, cannot set order to cancelled."));
- }
-}
-
-//find an order
-function orderByTicketXml($ticket)
-{
- global $db;
- $res=$db->select("ticket","orderid","ticketid=".$db->escapeString($ticket));
- if(count($res)<1){
- //try voucher instead
- $res=$db->select("voucher","orderid","voucherid=".$db->escapeString($ticket));
- if(count($res)<1){
- header("X-MagicSmoke-Status: Error");
- die(tr("Ticket or Voucher not found."));
- }
- }
- if($db->isNull($res[0]["orderid"]) || $res[0]["orderid"]<0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Ticket/Voucher has no order."));
- }
- header("X-MagicSmoke-Status: Ok");
- echo $res[0]["orderid"];
-}
-
-//find an order
-function orderByEventXml($events)
-{
- global $db;
- //collate eventids
- $eids="";
- foreach(explode(" ",$events) as $eid){
- $eid=trim($eid);
- if($eid=="")continue;
- if($eids!="")$eids.=",";
- $eids.=$db->escapeInt($eid);
- }
- if($eids==""){
- header("X-MagicSmoke-Status: Ok");
- echo "<OrderList/> <!-- no events requested -->";
- return;
- }
- //find orders
- $res=$db->select("ticket","orderid","eventid IN (".$eids.")");
- $oar=array();
- $olst="";
- for($i=0;$i<count($res);$i++){
- $oid=$res[$i]["orderid"];
- if($oid===NULL || $oid<0)
- continue;
- if(!in_array($oid,$oar)){
- $oar[]=$oid;
- if($olst!="")$olst.=",";
- $olst.=$oid;
- }
- }
- //print them
- if($olst==""){
- header("X-MagicSmoke-Status: Ok");
- echo "<OrderList/> <!-- no orders found -->";
- }else{
- getOrderListXml("orderid IN (".$olst.")");
- }
-}
-
-//change the comment on an order
-function setOrderCommentXml($txt)
-{
- //parse XML data
- $xml=new DomDocument;
- $xml->loadXml($txt);
- $doc=$xml->documentElement;
- $oid=$doc->getAttribute("orderid")+0;
- $comment="";
- foreach($doc->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $comment=$cn->wholeText;
- //set comment
- global $db;
- $db->beginTransaction();
- $upcnt=$db->update("order",array("comments"=>$comment),"orderid=".$db->escapeInt($oid));
- $db->commitTransaction();
- if($upcnt!==false)
- header("X-MagicSmoke-Status: Ok");
- else{
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to update order comment.");
- }
-}
-
-//change the shipping method on an order
-function setOrderShippingXml($txt)
-{
- //parse XML data
- $xml=new DomDocument;
- $xml->loadXml($txt);
- $doc=$xml->documentElement;
- $oid=$doc->getAttribute("orderid")+0;
- if($doc->hasAttribute("type"))
- $type=$doc->getAttribute("type");
- else
- $type=false;
- if($doc->hasAttribute("price"))
- $price=$doc->getAttribute("price");
- else
- $price=false;
- //set shipping
- global $db;
- global $session;
- $db->beginTransaction();
- $res=$db->select("order","status","orderid=".$oid);
- if($res===false || count($res)<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid Order.");
- $db->rollbackTransaction();
- return;
- }
- //TODO: check order status (define rules first)
- if($type===false){
- //remove shipping
- $db->update("order",array("shippingtype"=>false,"shippingcosts"=>0),"orderid=".$db->escapeInt($oid));
- }else{
- //set a shipping option
- $ship=$db->select("shipping","cost","shipid=".$db->escapeInt($type));
- if($ship===false || count($ship)<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid Shipping Method.");
- $db->rollbackTransaction();
- return;
- }
- //check price
- if($price===false || !$session->canExecute("_repriceshipping"))
- $price=$ship[0]["cost"];
- $db->update("order",array("shippingtype"=>$type,"shippingcosts"=>$price),"orderid=".$db->escapeInt($oid));
- }
- $db->commitTransaction();
- //dump order object
- $ord=new Order($oid);
- $db->mkLog(array("orderid"=>$oid,"orderpaid"=>$ord->amountPaid(),"orderdue"=>$ord->totalPrice()),tr("shipping changed"));
- header("X-MagicSmoke-Status: Ok");
- $ord->dumpXml();
-}
-
-//get shipping list
-function getShippingXml()
-{
- $xml=new DomDocument;
- $root=$xml->createElement("ShippingList");
- global $db,$session;
- $res=$db->select("shipping","*","");
- $all=$session->canExecute("setshipping")||$session->canExecute("_anyshipping");
- if($res!==false && count($res)>0)
- foreach($res as $sh){
- if(!$sh["canallusers"] && !$all)continue;
- $sx=$xml->createElement("ShippingOption");
- $sx->setAttribute("type",$sh["shipid"]);
- $sx->setAttribute("price",$sh["cost"]);
- $sx->setAttribute("web",$sh["canuseweb"]?"1":"0");
- $sx->setAttribute("anyUser",$sh["canallusers"]?"1":"0");
- $sx->appendChild($xml->createTextNode($sh["description"]));
- $root->appendChild($sx);
- }
- $xml->appendChild($root);
- header("X-MagicSmoke-Status: Ok");
- print($xml->saveXml());
-}
-
-//implement set shipping info
-function setShippingXml($txt)
-{
- //parse XML data
- $xml=new DomDocument;
- $xml->loadXml($txt);
- $doc=$xml->documentElement;
- if($doc->hasAttribute("type"))
- $type=$doc->getAttribute("type")+0;
- else
- $type=false;
- $price=$doc->getAttribute("price")+0;
- if($price<0)$price=0;
- $web=$doc->getAttribute("web")+0;
- $any=$doc->getAttribute("anyUser")+0;
- $dsc="";
- foreach($doc->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $dsc=$cn->wholeText;
- //change/create
- global $db;
- if($type===false){
- $type=$db->insert("shipping",array("cost" => $price, "canuseweb" => $web?1:0,
- "canallusers" => $any?1:0, "description" => $dsc));
- if($type===false){
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to create new shipping method.");
- return;
- }
- }else{
- $succ=$db->update("shipping",array("cost" => $price, "canuseweb" => $web?1:0,
- "canallusers" => $any?1:0, "description" => $dsc),
- "shipid=".$db->escapeInt($type));
- if($succ===false || $succ<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to change shipping method.");
- return;
- }
- }
- header("X-MagicSmoke-Status: Ok");
- echo $type;
-}
-//delete shipping info
-function deleteShippingXml($sid)
-{
- global $db;
- if(!is_numeric($sid)){
- header("X-MagicSmoke-Status: Error");
- echo tr("Expected a numeric shipping ID.");
- }
- $r=$db->deleteRows("shipping","shipid=".$db->escapeInt($sid));
- if($r==false || $r<1){
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to delete shipping method.");
- return;
- }
- header("X-MagicSmoke-Status: Ok");
-}
-
-function changeReservationXml($oid,$mode)
-{
- $ord=new Order($oid);
- if(!$ord->isValid()){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid Order.");
- return;
- }
- if($ord->changeReservation($mode)){
- header("X-MagicSmoke-Status: Ok");
- }else{
- header("X-MagicSmoke-Status: Error");
- echo tr("Cannot change order from reservation.");
- return;
- }
-
-}
-
-function cent2str($c)
-{
- $r=floor($c/100).".";
- $c="".$c%100;
- if(strlen($c)<2)$c="0".$c;
- return $r.$c;
-}
-
-function moneylogXml($data)
-{
- //split/validate data
- $splt=explode("\n",$data);
- if(count($splt)<2){
- header("X-MagicSmoke-Status: Error");
- echo tr("Expected 2 arguments: query type and ID.");
- return;
- }
- //formulate query
- global $db;
- $query="";
- switch(trim($splt[0])){
- case "order":
- $query="orderid=".$db->escapeInt(trim($splt[1]));
- break;
- case "voucher":
- $query="voucherid=".$db->escapeString(trim($splt[1]));
- break;
- case "user":
- $query="uname=".$db->escapeString(trim($splt[1]));
- break;
- }
- if($query==""){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid Query Type.");
- return;
- }
- //query and print
- header("X-MagicSmoke-Status: Ok");
- $res=$db->select("moneylog","*",$query);
- foreach($res as $row){
- print(date(DATE_W3C,$row["logtime"])." ".$row["log"]." by ".$row["uname"]);
- if(!$db->isNull($row["orderid"]))
- print(", order ".$row["orderid"]);
- if(!$db->isNull($row["voucherid"]))
- print(", voucher ".$row["voucherid"]);
- if(!$db->isNull($row["moved"]))
- print(", money moved ".cent2str($row["moved"]));
- if(!$db->isNull($row["orderpaid"]))
- print(", now paid for order ".cent2str($row["orderpaid"]));
- if(!$db->isNull($row["orderdue"]))
- print(", total price of order ".cent2str($row["orderdue"]));
- if(!$db->isNull($row["vouchervalue"]))
- print(", remaining value of voucher ".cent2str($row["vouchervalue"]));
- print("\n");
- }
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-/**Helper class, should never be used directly*/
-class PHelper
-{
- private $cont;
- /**create helper with array of text lines*/
- public function __construct(array $c)
- {
- $this->cont=$c;
- reset($this->cont);
- }
- /**return next line from array until end is reached*/
- public function getLine()
- {
- $r=current($this->cont);
- next($this->cont);
- return $r;
- }
-}
-
-/**Parser class: see syntax docu for details*/
-class Parser
-{
- private $vars=array();
-
- /**create parser object, initialize its internal state with optional file*/
- public function __construct($fname="")
- {
- global $_SERVER;
- $this->vars["SCRIPT"]=$_SERVER['SCRIPT_NAME'];
- $this->vars["FULLURL"]=$_SERVER['REQUEST_URI'];
- if($fname!="")
- $this->parseFile($fname);
- }
- /**parse a file, return parser-result*/
- public function parseFile($fname)
- {
- global $template;
- $cont=file_get_contents($template.$fname);
- return $this->parse($cont);
- }
- /**parse a string, return parser-result*/
- public function parse($str)
- {
- $cont=explode("\n",str_replace("\r","",$str));
- $help=new PHelper($cont);
- return $this->parseNormal($help);
- }
- /**set an internal variable*/
- public function setVar($vname,$vval)
- {
- $this->vars[$vname]=$vval;
- }
- /**set several internal variables array(variablename=>value)*/
- public function setVars(array $vs)
- {
- reset($vs);
- foreach($vs as $k => $v)
- $this->vars[$k]=$v;
- }
- /**unset a variable*/
- public function unsetVar($vname)
- {
- if(isset($this->vars[$vname]))
- unset($this->vars[$vname]);
- }
- /**get value of a variable (returns false if variable does not exist)*/
- public function getVar($vname)
- {
- if(isset($this->vars[$vname]))
- return $this->vars[$vname];
- else
- return false;
- }
- /**returns true if variable exists*/
- public function haveVar($vname)
- {
- return isset($this->vars[$vname]);
- }
-
- /**internal: used by parse to load data*/
- protected function parseNormal($help)
- {
- $out="";
- while(1){
- //get next line
- $line=$help->getLine();
- //exit if file end has been reached
- if($line===false)return $out;
- //check whether this is a special statement
- if(strncmp("#if:",$line,4)==0)$out.=$this->parseIf($help,$line);else
- if(strncmp("#set:",$line,5)==0)$out.=$this->parseSet($help,$line);
- else $out.=$this->parseLine($line);
- }
- }
- /**internal: replace variables on a line*/
- protected function parseLine($line)
- {
- $ak=array();
- $av=array();
- foreach($this->vars as $k => $v){
- $ak[]="@".$k."@";
- $av[]=$v;
- }
- return str_replace($ak,$av,$line)."\n";
- }
- /**internal: handle an \#if statement*/
- protected function parseIf($help,$line)
- {
- //parse if-line
- $reg=array();
- if(ereg("^#if:([a-zA-Z0-9_]+)[ \t]*([=<>!]+)(.*)$",trim($line),$reg)===false)
- return "(erroneous #if line found)\n";
- //check variable exists
- $doout=isset($this->vars[$reg[1]]);
- //do comparison
- if($doout){
- $v=trim($this->vars[$reg[1]]);
- $c=trim($reg[3]);
- switch($reg[2]){
- case "==":case "=":$doout= $v == $c;break;
- case "<":$doout = $v < $c;break;
- case "<=":$doout = $v <= $c;break;
- case ">":$doout = $v > $c;break;
- case ">=":$doout = $v >= $c;break;
- case "!=":case "<>":$doout = $v != $c;break;
- default: $doout=false;
- }
- }
- //parse till #endif
- if($doout){
- $out="";
- //handle content normally until endif is found, then return
- while(1){
- $line=$help->getLine();
- if($line===false)return $out;
- if(strncmp("#if:",$line,4)==0)$out.=$this->parseIf($help,$line);else
- if(strncmp("#set:",$line,5)==0)$out.=$this->parseSet($help,$line);else
- if(strncmp("#endif",$line,6)==0)return $out;
- else $out.=$this->parseLine($line);
- }
- }else{
- $ifc=1;
- //ignore everything until corresponding endif is found
- //#if needs to be handled specially, since parseIf is not
- // called recursively here
- while(1){
- $line=$help->getLine();
- //last line already?
- if($line===false)return "";
- //handle if and endif
- if(strncmp("#if:",$line,4)==0)$ifc+=1;else
- if(strncmp("#endif",$line,6)==0)$ifc-=1;
- //found corresponding endif?
- if($ifc<=0)return "";
- //ignore remainder
- }
- }
- }
- /**internal: handle \#set statement*/
- protected function parseSet($help,$line)
- {
- //parse set-line
- $reg=array();
- if(ereg("^#set:([a-zA-Z0-9_]+)((:)|(=(.*)))$",trim($line),$reg)===false)
- return "(erroneous #set line found)\n";
- //check type
- $vname=$reg[1];
- $var="";
- if($reg[3]==":"){
- //syntax: #set:var:\nvalue...\n#endset
- //parse till #endset
- $setcnt=1;
- while(1){
- $line=$help->getLine();
- //handle set/unset statements pseudo-recursively
- if(strncmp("#set:",$line,5)==0)$setcnt+=1;else
- if(strncmp("#endset",$line,7)==0)$setcnt-=1;
- //corresponding endset found?
- if($setcnt<=0)break;
- //add content to variable
- $var.=$line."\n";
- }
- }else{
- //syntax: #set:var=value
- //get value directly
- $var=$reg[5];
- }
- //set variable
- $this->setVar(trim($vname),trim($var));
- //go back (set creates no visible output)
- return "";
- }
-};
-
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: room
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-//TODO: implement:
-class Room
-{
- public function __construct($roomid){}
- public function exists(){return false;}
-
-};
-
-function getRoomsXml($xmldata)
-{
- global $db;
- //TODO: check xml data
- //return rooms
- $res=$db->select("room","roomid,capacity,description","");
- $xml=new DOMDocument;
- $root=$xml->createElement("RoomData");
- if(count($res)>0)
- foreach($res as $k => $rm){
- $room=$xml->createElement("Room");
- $room->setAttribute("capacity",$rm["capacity"]);
- $id=$xml->createElement("ID",$rm["roomid"]);
- $room->appendChild($id);
- $des=$xml->createElement("Description",xq($rm["description"]));
- $room->appendChild($des);
- $root->appendChild($room);
- }
- $xml->appendChild($root);
- header("X-MagicSmoke-Status: Ok");
- print($xml->saveXML());
-}
-
-function setRoomsXml($xmldata)
-{
- //TODO:do more extensive syntax checking and better error reporting
- //get XML
- $xml=new DOMDocument;
- if($xml->loadXML($xmldata)===false){
- header("X-MagicSmoke-Status: SyntaxError");
- echo "Unable to parse XML.";
- return;
- }
- //stage 2: extract data from XML
- $doc=$xml->documentElement;
- global $db;
- foreach($doc->getElementsByTagName("Room") as $room){
- //get data
- $cap=$room->getAttribute("capacity")+0;
- $id=false;
- $descr=false;
- foreach($room->getElementsByTagName("ID") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $id=trim($cn->wholeText);
- foreach($room->getElementsByTagName("Description") as $el)
- foreach($el->childNodes as $cn)
- if($cn->nodeType==XML_TEXT_NODE)
- $descr=trim($cn->wholeText);
- if($id===false)continue;
- $db->beginTransaction();
- $res=$db->select("room","roomid","roomid=".$db->escapeString($id));
- if(count($res)>0){
- $db->update("room",array("capacity"=>$cap,"description"=>$descr),"roomid=".$db->escapeString($id));
- }else{
- $db->insert("room",array("roomid"=>$id,"capacity"=>$cap,"description"=>$descr));
- }
- $db->commitTransaction();
- }
- header("X-MagicSmoke-Status: Ok");
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: ticket
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/* TRANSLATOR php:: */
-
-//masks
-/**mask: ticket is blocked (is blocking a seat)*/
-define("TICKET_MBLOCK",0x100); //dec: 256
-/**mask: ticket must be paid or is paid*/
-define("TICKET_MPAY",0x200); //dec: 512
-/**mask: ticket is usable by a customer (blocking plus (to be) paid)*/
-define("TICKET_USABLE",0x300); //dec: 768
-
-
-/**ticket has been reserved by a seller*/
-define("TICKET_RESERVED",0x301); //dec: 769
-/**ticket is part of an order or has been sold independently*/
-define("TICKET_BOUGHT",0x302); //dec: 770
-/**ticket has been used*/
-define("TICKET_USED",0x303); //dec: 771
-/**ticket has been cancelled by some entity*/
-define("TICKET_CANCELLED",0x4); //dec: 4
-/**ticket has been refunded*/
-define("TICKET_REFUND",0x4); //dec: 4
-
-class Ticket
-{
- private $ticketid=false;
- private $eventid=false;
- private $price=false;
- private $status=false;
- private $reservedby=false;
- private $reservetimeout=false;
- private $orderid=false;
-
- private static $NumTicketChars=false;
-
- /**generates a ticket, if $ticketid is false it creates an empty ticket, if it is a string it attempts to find it in the database*/
- public function __construct($ticketid=false)
- {
- global $db;
- if(self::$NumTicketChars===false){
- self::$NumTicketChars=$db->getConfig("TicketIDChars")+0;
- if(self::$NumTicketChars<=5)self::$NumTicketChars=10;
- }
- if($ticketid!==false){
- $res=$db->select("ticket","*","ticketid=".$db->escapeString(strtoupper($ticketid)));
- if(count($res)<1)return;
- $this->ticketid=strtoupper($ticketid);
- $this->eventid=$res[0]["eventid"];
- $this->price=$res[0]["price"];
- $this->status=$res[0]["status"];
- $this->reservedby=$res[0]["reservedby"];
- $this->reservetimeout=$res[0]["reservetimeout"];
- $this->orderid=$res[0]["orderid"];
- }
- }
-
- /**returns whether this is a valid DB object*/
- public function isValid()
- {
- return $this->ticketid!==false;
- }
-
- /**returns the ID of the ticket*/
- public function getTicketId()
- {
- return $this->ticketid;
- }
-
- /**returns the ID of the event*/
- public function getEventId()
- {
- return $this->eventid;
- }
-
- /**returns the price of the ticket*/
- public function getPrice()
- {
- return $this->price;
- }
-
- /**overwrites the price stored in this object (used by order before the ticket is stored to the DB)*/
- public function setPrice($p)
- {
- $this->price=$p;
- }
-
- /**returns the ticket status*/
- public function getStatus()
- {
- return $this->status;
- }
-
- /**returns the ticket status for XML output*/
- public function xmlStatus()
- {
- switch($this->status){
- case TICKET_RESERVED:
- return "reserved";
- case TICKET_BOUGHT:
- return "bought";
- case TICKET_USED:
- return "used";
- case TICKET_CANCELLED:
- return "refund";
- default:
- return "error";
- }
- }
-
- /**returns whether the ticket must be paid (or is already paid)*/
- public function mustBePaid()
- {
- return ($this->status & TICKET_MBLOCK) != 0;
- }
-
- /**sets the event and copies the price from it; returns true on success*/
- public function setEventId($e)
- {
- global $db;
- //find event
- $res=$db->select("event","defaultprice","eventid=".$db->escapeInt($e));
- if(count($res)<1)return false;
- $this->eventid=$e+0;
- $this->price=$res[0]["defaultprice"];
- }
-
- /**sets the event and copies the price from it; returns true on success*/
- public function setEvent($e)
- {
- return $this->setEventID($e->getEventId());
- }
-
- /**creates the ticket in the database and adds it to the order; expects orderid as argument; returns false if it fails; it may fail if the event has not been set*/
- public function addToOrder($o)
- {
- global $db;
- //sanity checks
- if($this->ticketid!==false)return false;
- if($this->eventid===false)return false;
- //generate ticket ID
- $db->beginTransaction();
- do{
- $tid=getCode39ID(self::$NumTicketChars,RND_TICKET);
- $res=$db->select("ticket","ticketid","ticketid=".$db->escapeString($tid));
- if(count($res)==0)break;
- }while(true);
- //create entry
- $res=$db->insert("ticket",array("ticketid"=>$tid,"eventid"=>$this->eventid, "price"=>$this->price,"status"=>TICKET_BOUGHT,"orderid"=>$o));
- if($res===false){
- $db->rollbackTransaction();
- return false;
- }
- $db->commitTransaction();
- $this->ticketid=$tid;
- $this->status=TICKET_BOUGHT;
- $this->orderid=$o;
- return true;
- }
-
- /**dumps the ticket as XML*/
- public function dumpXml()
- {
- $xml=new DomDocument;
- $doc=$xml->createElement("Ticket");
- $doc->setAttribute("id",$this->ticketid);
- $doc->setAttribute("status",$this->xmlStatus());
- $doc->setAttribute("order",$this->orderid);
- $doc->setAttribute("event",$this->eventid);
- $doc->setAttribute("price",$this->price);
- $doc->setAttribute("orderpaystate",$this->orderPayStateXml());
- $xml->appendChild($doc);
- print($xml->saveXml());
- }
-
- /**helper: gets the status of the order for dumpXml*/
- protected function orderPayStateXml()
- {
- if($this->orderid<0)return "none";
- $ord=new Order($this->orderid);
- if(!$ord->isValid())return "none";
- if($ord->getStatus()==ORDER_CLOSED)return "ok";
- if($ord->getStatus()==ORDER_CANCELLED)return "cancelled";
- return $ord->getPaymentStatus();
- }
-
- /**tries to mark the ticket as used*/
- public function markUsedXml()
- {
- if(!$this->isValid()){
- header("X-MagicSmoke-Status: Error");
- die(tr("The ticket is not valid."));
- }
- if($this->status==TICKET_USED){
- header("X-MagicSmoke-Status: Error");
- die(tr("The ticket has already been used."));
- }
- if($this->status!=TICKET_BOUGHT){
- header("X-MagicSmoke-Status: Error");
- die(tr("The ticket has not been bought or is cancelled."));
- }
- $ps=$this->orderPayStateXml();
- if($ps=="needpayment"){
- header("X-MagicSmoke-Status: Error");
- die(tr("The ticket has not been paid."));
- }
- if($ps!="ok" && $ps!="needrefund"){
- header("X-MagicSmoke-Status: Error");
- die(tr("The tickets order is in an invalid state or does not exist."));
- }
- $this->status=TICKET_USED;
- global $db;
- $db->update("ticket",array("status"=>TICKET_USED),"ticketid=".$db->escapeString($this->ticketid));
- }
-};
-
-function getTicketXml($tid)
-{
- $tick=new Ticket($tid);
- if($tick->isValid()){
- header("X-MagicSmoke-Status: Ok");
- $tick->dumpXml();
- }else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Unable to find this ticket."));
- }
-}
-
-function useTicketXml($tid)
-{
- $tick=new Ticket($tid);
- if($tick->isValid())
- $tick->markUsedXml();
- else{
- header("X-MagicSmoke-Status: Error");
- die(tr("Unable to find this ticket."));
- }
-}
-
-function changeTicketPriceXml($data)
-{
- //split
- $lst=explode("\n",$data);
- if(count($lst)!=2){
- header("X-MagicSmoke-Status: Error");
- die(tr("Malformed request."));
- }
- //check price
- if(!is_numeric(trim($lst[1]))){
- header("X-MagicSmoke-Status: Error");
- die(tr("Price must be a number."));
- }
- $prc=trim($lst[1])+0;
- if($prc<0){
- header("X-MagicSmoke-Status: Error");
- die(tr("Price must be positive."));
- }
- //get ticket
- global $db;
- $db->beginTransaction();
- $res=$db->select("ticket","ticketid","ticketid=".$db->escapeString(trim($lst[0])));
- if(count($res)<1){
- $db->rollbackTransaction();
- header("X-MagicSmoke-Status: Error");
- die(tr("Unable to find this ticket."));
- }
- $db->update("ticket",array("price"=>$prc),"ticketid=".$db->escapeString(trim($lst[0])));
- $db->commitTransaction();
- header("X-MagicSmoke-Status: Ok");
-}
-
-function ticketReturnXml($tid)
-{
- //get ticket
- global $db;
- $db->beginTransaction();
- $res=$db->select("ticket","ticketid,status","ticketid=".$db->escapeString($tid));
- if(count($res)<1){
- $db->rollbackTransaction();
- header("X-MagicSmoke-Status: Error");
- die(tr("Unable to find this ticket."));
- }
- if($res[0]["status"]!=TICKET_BOUGHT && $res[0]["status"]!=TICKET_RESERVED){
- $db->rollbackTransaction();
- header("X-MagicSmoke-Status: Error");
- die(tr("Ticket cannot be returned."));
- }
- $db->update("ticket",array("status"=>TICKET_CANCELLED),"ticketid=".$db->escapeString($tid));
- $db->commitTransaction();
- header("X-MagicSmoke-Status: Ok");
-}
-
-?>
\ No newline at end of file
+++ /dev/null
-<?
-//
-// PHP Implementation: voucher
-//
-// Description:
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2008
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/* TRANSLATOR php:: */
-
-class Voucher
-{
- private $voucherid=false;
- private $orderid=false;
- private $price=false;
- private $value=false;
- private $isused=false;
-
- private static $NumVoucherChars=false;
-
- /**create a new voucher: with id from DB or for later creation*/
- public function __construct($voucherid=false)
- {
- global $db;
- if(self::$NumVoucherChars===false){
- self::$NumVoucherChars=$db->getConfig("VoucherIDChars")+0;
- if(self::$NumVoucherChars<=5)self::$NumVoucherChars=10;
- }
- if($voucherid!==false){
- $res=$db->select("voucher","*","voucherid=".$db->escapeString($voucherid));
- if($res===false || count($res)<1)return;
- $this->voucherid=$res[0]["voucherid"];
- $this->orderid=$res[0]["orderid"];
- $this->price=$res[0]["price"];
- $this->value=$res[0]["value"];
- $this->isused=$res[0]["isused"];
- }
- }
-
- /**return whether this voucher has an equivalent in the DB*/
- public function isValid()
- {
- return $this->voucherid!==false;
- }
-
- /**returns the remaining value in cent*/
- public function remainingValue()
- {
- return $this->value;
- }
-
- /**returns the price of the voucher*/
- public function price()
- {
- return $this->price;
- }
-
- /**returns the ID of the order this voucher belongs to*/
- public function orderID()
- {
- return $this->orderid;
- }
-
- /**returns whether the voucher is cancelled*/
- public function isCancelled()
- {
- return $this->price==0 && $this->value==0;
- }
-
- /**returns whether the voucher has already been used*/
- public function isUsed()
- {
- return $this->isused;
- }
-
- /**returns whether the voucher can be cancelled*/
- public function canCancel()
- {
- if($this->isCancelled())return true;
- if(!$this->isUsed())return true;
- return false;
- }
-
- /**returns whether the voucher can be forcefully emptied*/
- public function canEmpty()
- {
- return !$this->isCancelled();
- }
-
- /**returns whether the voucher can pay for anything*/
- public function canPay()
- {
- return $this->value!=0;
- }
-
- /**actually cancel the voucher (does all checks again); returns true on success*/
- public function cancelVoucher()
- {
- if(!isValid())return false;
- global $db;
- $db->beginTransaction();
- //recheck
- $res=$db->select("voucher","*","voucherid=".$db->escapeString($this->voucherid));
- if($res===false || count($res)<1){
- $db->rollbackTransaction();
- return false;
- }
- //is it non-cancelled and used?
- if(($res[0]["price"]!=0 || $res[0]["value"]!=0) && $res[0]["isused"]){
- $db->rollbackTransaction();
- return false;
- }
- //overwrite
- $db->update("voucher",array("price"=>0,"value"=>0,"isused"=>0),"voucherid=".$db->escapeString($this->voucherid));
- $db->mkLog(array("voucherid"=>$this->voucherid, "vouchervalue"=>0),tr("cancel voucher"));
- $db->commitTransaction();
- return true;
- }
-
- /**actually empty a voucher*/
- public function emptyVoucher()
- {
- //sanity check
- if(!$this->isValid())return;
- if(!$this->canEmpty())return;
- //now do the deed
- global $db;
- $db->update("voucher",array("value"=>0,"isused"=>1),"voucherid=".$db->escapeString($this->voucherid));
- $db->mkLog(array("voucherid"=>$this->voucherid, "vouchervalue"=>0),tr("empty voucher"));
- }
-
- /**create the voucher in the database; returns false on failue*/
- public function addToOrder($orderid,$price,$value)
- {
- //since this is called from Order only, we assume orderid to be correct
- //sanity check (should not fail, since Order also checks)
- if($price<0 || $value<=0)return false;
- //create a new ID
- global $db;
- $db->beginTransaction();
- do{
- $vid=getCode39ID(self::$NumVoucherChars,RND_VOUCHER);
- $res=$db->select("voucher","voucherid","voucherid=".$db->escapeString($vid));
- if(count($res)==0)break;
- }while(true);
- //create entry
- $res=$db->insert("voucher",array("voucherid"=>$vid,"price"=>$price,"value"=>$value,"isused"=>0,"orderid"=>$orderid));
- if($res===false){
- $db->rollbackTransaction();
- return false;
- }
- $db->mkLog(array("voucherid"=>$vid, "vouchervalue"=>$value, "orderid"=>$orderid),tr("create voucher"));
- $db->commitTransaction();
- $this->voucherid=$vid;
- $this->orderid=$orderid;
- $this->price=$price+0;
- $this->value=$value+0;
- $this->isused=false;
- return true;
-}
-
- /**use the voucher to pay for an order; return true on success*/
- public function payForOrder($orderid)
- {
- //pre-check
- if(!$this->isValid() || !$this->canPay())return false;
- //now go to the DB
- global $db;
- $db->beginTransaction();
- //get voucher data and recheck
- $vres=$db->select("voucher","*","voucherid=".$db->escapeString($this->voucherid));
- if($vres===false || count($vres)<1){
- $db->rollbackTransaction();
- return false;
- }
- if($vres[0]["value"]<=0){
- $db->rollbackTransaction();
- return false;
- }
- //get my own order status
- $myord=new Order($this->orderid);
- if(!$myord->isValid()){
- $db->rollbackTransaction();
- return false;
- }
- $ps=$myord->getPaymentStatus();
- if($ps!="needrefund" && $ps!="ok"){
- $db->rollbackTransaction();
- return false;
- }
- //get the target order data
- $ord=new Order($orderid);
- if(!$ord->isValid()){
- $db->rollbackTransaction();
- return false;
- }
- $adue=$ord->amountDue();
- if($adue<=0){
- $db->rollbackTransaction();
- return false;
- }
- //get amount to swap
- $pay=$vres[0]["value"];
- if($adue<$pay)$pay=$adue;
- //store corrected voucher
- $this->value=$vres[0]["value"]-$pay;
- $b=$db->update("voucher",array("value"=>$this->value,"isused"=>1),"voucherid=".$db->escapeString($this->voucherid))!==false;
- //store corrected order
- $a=$ord->amountPaid()+$pay;
- $b&=$db->update("order",array("amountpaid"=>$a),"orderid=".$db->escapeInt($orderid))!==false;
- //if anything went wrong: roll back
- if(!$b){
- $db->rollbackTransaction();
- return false;
- }
- $db->mkLog(array("voucherid"=>$this->voucherid,"orderid"=>$orderid,"orderdue"=>$adue,"orderpaid"=>$a,"vouchervalue"=>$this->value,"moved"=>$pay),tr("pay with voucher"));
- //whoo. got it!
- $db->commitTransaction();
- return true;
- }
-
- /**use the voucher to pay for something not in the system; return true on success*/
- public function payForOutside($amount)
- {
- //pre-check
- if(!$this->isValid() || !$this->canPay())return false;
- if($amount < 0)return false;
- //now go to the DB
- global $db;
- $db->beginTransaction();
- //get voucher data and recheck
- $vres=$db->select("voucher","*","voucherid=".$db->escapeString($this->voucherid));
- if($vres===false || count($vres)<1){
- $db->rollbackTransaction();
- return false;
- }
- if($vres[0]["value"]<=0){
- $db->rollbackTransaction();
- return false;
- }
- //get amount to swap
- $pay=$vres[0]["value"];
- if($amount<$pay)$pay=$amount;
- //store corrected voucher
- $this->value=$vres[0]["value"]-$pay;
- $b=$db->update("voucher",array("value"=>$this->value,"isused"=>1),"voucherid=".$db->escapeString($this->voucherid))!==false;
- //if anything went wrong: roll back
- if(!$b){
- $db->rollbackTransaction();
- return false;
- }
- $db->mkLog(array("voucherid"=>$this->voucherid,"vouchervalue"=>$this->value,"moved"=>$pay),tr("pay with voucher outside system"));
- //whoo. got it!
- $db->commitTransaction();
- return true;
- }
-
- /**dumps the XML representation of the voucher*/
- function dumpXml()
- {
- $xml=new DomDocument;
- $doc=$xml->createElement("Voucher");
- $doc->setAttribute("id",$this->voucherid);
- $doc->setAttribute("price",$this->price);
- $doc->setAttribute("value",$this->value);
- $doc->setAttribute("used",$this->isused?"1":"0");
- $xml->appendChild($doc);
- print($xml->saveXml());
- }
-};
-
-function getVoucherPricesXml()
-{
- global $db;
- header("X-MagicSmoke-Status: Ok");
- $r=$db->getConfig("ValidVouchers");
- if($r!==false)print($r);
-}
-
-function cancelVoucherXml($vid)
-{
- $vc=new Voucher($vid);
- if($vc->isValid() && $vc->canCancel()){
- if($vc->cancelVoucher()){
- header("X-MagicSmoke-Status: Ok");
- return;
- }
- }
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to cancel voucher.");
-}
-
-function emptyVoucherXml($vid)
-{
- $vc=new Voucher($vid);
- if(!$vc->isValid()){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid voucher, cannot empty it.");
- return;
- }
- header("X-MagicSmoke-Status: Ok");
- $vc->emptyVoucher();
-}
-
-function useVoucherXml($txt)
-{
- //split data
- $splt=explode("\n",$txt);
- if(count($splt)<2){
- header("X-MagicSmoke-Status: SyntaxError");
- echo tr("Expected two arguments: voucher id and order id.");
- return;
- }
- $vc=new Voucher(trim($splt[0]));
- if(!$vc->isValid()){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid voucher id.");
- return;
- }
- if($vc->payForOrder(trim($splt[1]))){
- header("X-MagicSmoke-Status: Ok");
- print($vc->remainingValue()."\n");
- global $db;
- $res=$db->select("order","amountpaid","orderid=".$db->escapeInt(trim($splt[1])));
- if(count($res)>0)
- print($res[0]["amountpaid"]);
- }else{
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to process payment via voucher.");
- }
-}
-
-function useVoucher2Xml($txt)
-{
- //split data
- $splt=explode("\n",$txt);
- if(count($splt)<2){
- header("X-MagicSmoke-Status: SyntaxError");
- echo tr("Expected two arguments: voucher id and amount to deduct.");
- return;
- }
- $vc=new Voucher(trim($splt[0]));
- if(!$vc->isValid()){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid voucher id.");
- return;
- }
- $val=$vc->remainingValue();
- if($vc->payForOutside(trim($splt[1])+0)){
- header("X-MagicSmoke-Status: Ok");
- $val2=$vc->remainingValue();
- print(($val-$val2)."\n".$val2);
- }else{
- header("X-MagicSmoke-Status: Error");
- echo tr("Unable to process payment via voucher.");
- }
-}
-
-function getVoucherXml($vid)
-{
- $vc=new Voucher($vid);
- if(!$vc->isValid()){
- header("X-MagicSmoke-Status: Error");
- echo tr("Invalid voucher ID.");
- return;
- }
- header("X-MagicSmoke-Status: Ok");
- $vc->dumpXml();
-}
-
-
-
-?>
\ No newline at end of file
$lang = LanguageManager::singleton();
$error = ErrorManager::singleton();
-$parser = new Parser();
?>
include('./config.php');
//try to connect
$db->tryConnect();
-//move on in loader_nonadmin.php (or admin.php)
+//make machine interface available (also used indirectly by index.php)
include("./inc/machine/autoload.php");
+//move on in loader_nonadmin.php (or admin.php)
?>
\ No newline at end of file
/** creates an list of events */
public static function createEventList()
{
- global $parser;
+ global $twig,$basevars,$session;
//pass 1: get layout of single event
- $p=new Parser("index.html");
- $list="";
- $eventTmpl=$p->getVar("EVENT");
+ $p=$twig->loadTemplate("index.html");
+ $list=$basevars;
$trn=WTrGetAllEvents::execute();
$events = $trn->resultevents();
- foreach ($events as $event)
- {
- $p->setVars($event->getParserData());
- $list .= $p->parse($eventTmpl);
+ $now=time();
+ foreach ($events as $event){
+ //only show current events
+ if($event->getstart()<=$now)continue;
+ //only show those available via web
+ if(!$session->checkFlags($event->getflags()))continue;
+ //encode as array
+ $list['events'][]=$event->getParserData();
}
//pass 2: create page
- $p->setVar("LIST",$list);
- $parser->setVar("PAGE",$p->parseFile("index.html"));
+ return $p->render($list);
}
/** creates the details of an event */
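Review bot: `$list['events']` is only created inside the loop, so when every event is skipped by the start-time test or by `checkFlags` the template receives no `events` key at all. How the `{% for event in events %}` loop in index.html handles that depends on the bundled Twig version. Initialising it before the loop with `$list['events']=array();` keeps the empty case well defined. The docblock should also state that the method now returns the rendered HTML and reads the globals `$twig`, `$basevars` and `$session`. The comment `//only show current events` would be clearer as `//skip events that have already started`, which is what the `<=$now` test does.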
/**returns the data in an array suitable for the web-page-renderer*/
public function getParserData()
{
+ global $session;
$lang = LanguageManager::singleton();
- return array(
- "DATE"=>$lang->getDate($this->getstart()),
- "TIME"=>$lang->getTime($this->getstart()),
- "PLACE"=>$this->getroom(),
- "EVENTNAME"=>$this->gettitle(),
- "ARTIST"=>$this->getartist()->getname(),
- //TODO: do something about prices
-// "PRICE"=>$lang->getPrice($this->getDefaultPrice()),
+ $ret=array(
+ "date"=>$lang->getDate($this->getstart()),
+ "time"=>$lang->getTime($this->getstart()),
+ "place"=>$this->getroom(),
+ "name"=>$this->gettitle(),
+ "artist"=>$this->getartist()->getname(),
"ID"=>$this->getid(),
- "DESCRIPTION"=>$this->getdescription(),
- "AVAILABLETICKETS"=>$this->getamountFree()
- );;
+ "description"=>$this->getdescription(),
+ "availabletickets"=>$this->getamountFree(),
+ "prices" => array()
+ );
+ //list all available prices
+ foreach($this->getprice() as $price){
+ //not those unavailable via web
+ if(!$session->checkFlags($price->getflags()))continue;
+ //fill in data
+ $ret['prices'][]=array(
+ "price"=>$lang->getPrice($price->getprice()),
+ "pricecents"=>$price->getprice(),
+ "categoryid"=>$price->getpricecategoryid(),
+ "categoryname"=>$price->getpricecategory()->getname()
+ );
+ }
+ //return result
+ return $ret;
}
};
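Review bot: The array built in `getParserData()` hands the title, artist, room and description to the template as raw strings, and the docblock does not tell a template author that they are not HTML-escaped. I would extend it to `/**returns the data in an array suitable for the web-page-renderer; all values are raw text and must be escaped by the template*/`. The key `"ID"` stays upper case while every other key became lower case; renaming it to `"id"` would need the matching change to `{{event.ID}}` in index.html. The `checkFlags` test on prices only hides them from the rendered list, so it is worth confirming that the order path, which is not visible here, enforces the same flags.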
//basics
include('inc/loader.php');
include('inc/loader_nonadmin.php');
-//load class-files; TODO: remove most of them
+//load class-files
include('./inc/classes/autoload.php');
//load external Twig library
require_once 'inc/twig/Autoloader.php';
include('inc/global_functions.php');
include("inc/rendering/autoload.php");
-//include process script
+//include process script (TODO: rework to be autoloaded)
include('inc/rendering/submit.php');
-//include display scripts
+//include display scripts (TODO: move to autoloading)
include('inc/rendering/cart_listing.php');
include('inc/rendering/order_listing.php');
//set internal session to virtual "_web" user for use by transactions
Session::setWebSession();
+//initialize TWIG
+$loader = new Twig_Loader_Filesystem($template);
+$twig = new Twig_Environment($loader, $twigoptions );
+foreach($twigextensions as $te)$twig->addExtension($te);
+
+//basic variables shared by all templates
+// script URLs
+$basevars['script']['root']=$_SERVER['SCRIPT_NAME'];
+$basevars['script']['this']=$_SERVER['REQUEST_URI'];
+$basevars['script']['eventDetails']=$_SERVER['SCRIPT_NAME']."?mode=eventDetails&event=";
+$basevars['script']['cart']=$_SERVER['SCRIPT_NAME']."?mode=cart";
+$basevars['script']['orderLogin']=$_SERVER['SCRIPT_NAME']."?mode=orderLogin";
+$basevars['script']['customerRegistration']=$_SERVER['SCRIPT_NAME']."?mode=customerRegistration";
+$basevars['script']['orderOverview']=$_SERVER['SCRIPT_NAME']."?mode=orderOverview";
+$basevars['script']['editShippingAddress']=$_SERVER['SCRIPT_NAME']."?mode=editShippingAddress";
+$basevars['script']['editOrderComments']=$_SERVER['SCRIPT_NAME']."?mode=editOrderComments";
+
+//strings that are used to compose the overall layout
+$page="(internal error: no page text yet)";
+
try{
//get page template and process it
switch($mode){
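Review bot: `foreach($twigextensions as $te)$twig->addExtension($te);` passes the bare strings from config.php (`'Escaper'`, `'Sandbox'`, `'I18n'`) to `addExtension()`, which expects an extension object, so uncommenting any entry would presumably fail at startup. Instantiating the class first would address that for extensions without constructor arguments, e.g. `$cls='Twig_Extension_'.$te; $twig->addExtension(new $cls());`. This matters because Escaper is the entry that enables output escaping, and `$basevars['script']['this']` is filled from `$_SERVER['REQUEST_URI']`, which the client controls. With the shipped default (all extensions commented out) a template that prints `{{script.this}}` would emit it unescaped. I would enable Escaper by default in config.php, or store `htmlspecialchars($_SERVER['REQUEST_URI'],ENT_QUOTES,'UTF-8')` here.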
editOrderComments();
break;
default:
- EventRender::createEventList();
+ $page=EventRender::createEventList();
break;
}
}catch(Exception $ex){
error_log($ex->getMessage());
- $p=new Parser("error.html");
+ $p=$twig->loadTemplate("error.html");
+ $e=$basevars;
if($WebShowErrors)
- $p->setVar("ErrorText",$ex->getMessage());
+ $e["ErrorText"]=$ex->getMessage();
else
- $p->setVar("ErrorText","An error occured, contact the server admin for details.");
- $parser->setVar("PAGE",$p->parseFile("error.html"));
+ $e["ErrorText"]=translate("WebSite","An error occured, contact the server admin for details.");
+ $page=$p->render($e);
}
//spit out completed page
header("Content-Type: text/html; charset=utf-8");
-print($parser->parseFile("layout.html"));
+print($page);
?>
\ No newline at end of file
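Review bot: Only the `default:` branch assigns `$page`; the `editOrderComments();` call kept as context just above it still discards its result. That mode, and presumably the other cases outside this hunk, will therefore print the placeholder `(internal error: no page text yet)` until they are converted to return rendered text, e.g. `$page=editOrderComments();`. Since `$parser` is no longer created, any of those functions that still use `global $parser` would fail outright. In the catch block, `$twig->loadTemplate("error.html")` can itself throw, which would escape this handler; a plain-text fallback would keep the error path from depending on the renderer. The exception message placed in `ErrorText` when `$WebShowErrors` is set should be treated as untrusted text by the template.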
<h1>Error</h1>
-@ErrorText@
+{{ErrorText}}
<hr/>
<a href="@SCRIPT@">Back to Index</a>
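Review bot: The context line `<a href="@SCRIPT@">Back to Index</a>` still uses the old parser's placeholder, which Twig will not substitute, so the link on the error page points at the literal text `@SCRIPT@`. It should become `<a href="{{script.root}}">Back to Index</a>`, using the variable index.php now provides in `$basevars`. `{{ErrorText}}` can carry an exception message, so it should be printed escaped, e.g. `{{ErrorText|escape}}` once the Escaper extension is loaded. The template also no longer goes through layout.html, where the old code wrapped it via `PAGE`; adding `{% extends 'layout.html' %}` with a `page` block would restore the common frame.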
-<div align="right">
-#if:ROLE==buyer
-<a href="@SCRIPT@?mode=login">Login Verkäufer</a>
-#endif
-#if:ROLE==seller
-<a href="@SCRIPT@?mode=logout">Logout</a>
-#endif
-</div>
-<h1>Kartenvorverkauf</h1>
+{# Example Template for MagicSmoke
+ ================================
+ this one is called to create the event list
+#}
-@LIST@
+{% extends 'layout.html' %}
-#set:EVENT:
-<p>Datum: @DATE@ @TIME@<br/>
-Ort: @PLACE@<br/>
-<b>@EVENTNAME@</b><br/>
-<i>@ARTIST@</i><br/>
-@DESCRIPTION@<br/>
-Kartenpreis: @PRICE@ EUR<br/>
-#if:AVAILABLETICKETS>0
-<a href="@SCRIPT@?mode=eventDetails&event=@ID@">Bestellen</a>
-#if:AVAILABLETICKETS<=5
-<font color="red">*nur noch Restkarten*</font>
-#endif
-#endif
-#if:AVAILABLETICKETS==0
-<font color="red">*ausverkauft*</font>
-#endif
+{% block title %}Overview{% endblock %}
-</p>
-#endset
+{% block page %}
+
+ {% for event in events %}
+ <h2>{{event.name}}</h2>
+ {{event.date}} {{event.time}}, {{event.place}}<br/>
+ Artist: {{event.artist}}<br/>
+ {{event.description}}<br/>
+ Price:
+ {% for price in event.prices %}
+ {{price.price}} ({{price.categoryname}})
+ {% endfor %}<br/>
+ <a href="{{script.eventDetails}}{{event.ID}}">order tickets</a>
+ {% endfor %}
+
+{% endblock %}
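Review bot: Every `{{event.*}}` and `{{price.*}}` expression in the new `page` block is printed as-is, and config.php ships with the Escaper extension commented out. Event names, artists and descriptions entered in the back end would therefore reach the browser as markup unless the bundled Twig escapes by default. I would either enable Escaper in the default configuration or write the fields as `{{event.name|escape}}`, `{{event.description|escape}}` and so on. A comment at the top of this example template stating which of the two it relies on would help people who copy it. The old template's `AVAILABLETICKETS` checks were also dropped, so the `order tickets` link is now shown for sold-out events even though `availabletickets` is still passed in. A guard such as `{% if event.availabletickets > 0 %}` around the link would keep the earlier behaviour.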
<head>
-<title>Magic Smoke Example Layout</title>
+<title>{% block title %}{% endblock %} - Magic Smoke Example Layout</title>
<link rel="stylesheet" type="text/css" href="styles/style.css">
</head>
<body>
-<h1>Magic Smoke Example Layout</h1>
+<h1>{% display title %} - Magic Smoke Example Layout</h1>
<!-- Begin Form -->
-@PAGE@
+{% block page %}{% endblock %}
<!-- End Form -->
<hr/>