From: konrad Date: Sat, 29 May 2010 19:02:21 +0000 (+0000) Subject: converted the first page to Twig X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=8bd24a41e0cb54ab94f09be193a62bac1097a5e3;p=web%2Fkonrad%2Fsmoke.git converted the first page to Twig git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@481 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/www/config.php.template b/www/config.php.template index 74e6798..ccc2a13 100644 --- a/www/config.php.template +++ b/www/config.php.template @@ -7,6 +7,25 @@ //Template directory $template="./template/"; +//Renderer options +// uncomment the ones you want to use +$twigoptions = array( + //cache should be either set to false (no cache) or an explicit writeable path + //if not present Twig will use a subdirectory under /tmp, which is not particularly secure + //'cache' => '/path/to/compilation_cache', + 'cache' => false, + //character set the templates are written in, default is utf-8 + //'charset' => 'utf-8', + //automatically reload/compile templates when they change + //'auto_reload' => false, +); +//Renderer extensions +$twigextensions = array( + //'Escaper', //provides the escape filter and autoescaping + //'Sandbox', //allows to execute templates in a sandbox + //'I18n', //provides the trans filter +); +//there is currently no configuration available for these extensions - this may make them pretty useless /////////// //Chose a DB engine diff --git a/www/inc/classes/autoload.php b/www/inc/classes/autoload.php index 650654d..d4918bf 100644 --- a/www/inc/classes/autoload.php +++ b/www/inc/classes/autoload.php 
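Review bot: The shipped default in `www/config.php.template` leaves `$twigextensions` empty: `'Escaper'` is commented out, and by its own comment that is what provides the escape filter and autoescaping, so an installation copied from this template would presumably render pages without output escaping. The application stores user-supplied text (customer name, address and order comments in the classes removed further down this commit), so I would ship it enabled: `'Escaper', //provides the escape filter and autoescaping`. The cache comment could also say why the path matters, e.g. `//the cache directory holds compiled templates that are executed as PHP - make it writable by the web server user only`. How the two arrays are consumed is outside this hunk, so the effect of the empty list is inferred from the comments.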
@@ -10,17 +10,8 @@
 // Copyright: See README/COPYING files that come with this distribution
 //
 //
-include_once('./inc/classes/event.php');
-include_once('./inc/classes/room.php');
-include_once("./inc/classes/random.php");
-include_once("./inc/classes/order.php");
-include_once("./inc/classes/ticket.php");
-include_once("./inc/classes/voucher.php");
-include_once("./inc/classes/cart.php");
-include_once('./inc/classes/error.php');
-include_once('./inc/classes/language_manager.php');
-include_once('./inc/classes/parser.php');
-include_once('./inc/classes/config_manager.php');
-include_once('./inc/classes/customer.php');
-include_once('./inc/classes/websession.php');
+wob_autoclass('LanguageManager','./inc/classes/language_manager.php');
+wob_autoclass('ConfigManager','./inc/classes/config_manager.php');
+wob_autoclass('Websession','./inc/classes/websession.php');
+// wob_autoclass('ErrorManager','./inc/classes/error.php');
 ?>
\ No newline at end of file
diff --git a/www/inc/classes/cart.php b/www/inc/classes/cart.php
deleted file mode 100644
index f086160..0000000
--- a/www/inc/classes/cart.php
+++ /dev/null
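Review bot: The three `wob_autoclass` registrations in `www/inc/classes/autoload.php` keep the `./inc/classes/...` paths of the removed `include_once` lines, but the file is now presumably loaded when the class is first used rather than at this point, so the path is resolved against whatever the working directory is at that later moment. Anchoring the paths to this file avoids that, e.g. `wob_autoclass('Websession',dirname(__FILE__).'/websession.php');`, and likewise for the other two. The commented-out `ErrorManager` line should either be removed or carry a comment saying why error.php is no longer registered, since `include_once('./inc/classes/error.php')` is dropped here and nothing in the hunk replaces it. `wob_autoclass` is defined outside this hunk, so how it resolves its second argument is an assumption.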
@@ -1,339 +0,0 @@ -, (C) 2007 -// -// Copyright: See README/COPYING files that come with this distribution -// -// - -/**this class represents a bunch of tickets in the shopping cart, it is created by Cart*/ -class CartTicket -{ - private $cartid; - private $eventid; - private $amount; - - /**used by Cart to create the tickets, never use this directly*/ - public function __construct($cid,$eid,$amt) - { - $this->cartid=$cid; - $this->eventid=$eid; - $this->amount=$amt; - } - - /**use this to increase or decrease the amount of tickets; if the amount is decreased to zero, the row in the DB is deleted and the ticket can only be re-added with Cart::addTicket */ - public function changeAmount($amt) - { - global $db; - if($amt<=0){ - $db->deleteRows("cart_ticket","cartid=".$db->escapeString($this->cartid)." and eventid=".$this->eventid); - $this->amount=0; - }else{ - $db->update("cart_ticket",array("amount"=>($amt+0)),"cartid=".$db->escapeInt($this->cartid)." AND eventid=".$db->escapeInt($this->eventid)); - $this->amount=$amt; - } - } - - /**use this to get the actual event*/ - public function eventObject() - { - return new Event($this->eventid); - } - - /**return the eventID*/ - public function getEventId() - { - return $this->eventid; - } - - /**return the current amount*/ - public function getAmount() - { - return $this->amount; - } -}; - -/**this error is returned if there are no items in a cart and the user wants to order it*/ -define("CE_NOITEMS",1); -/**this error is returned if the user tries to buy a ticket for a cancelled event*/ -define("CE_EVENTCANCELLED",10); -/**this error is returned if the event does not have that many tickets left*/ -define("CE_EVENTNOTICKETS",11); -/**this error is returned if the user wants to buy tickets for an unknown event (internal error?)*/ -define("CE_EVENTUNKNOWN",12); -/**this error is returned if the event is already over or tickets cannot be purchased anymore*/ -define("CE_EVENTOVER",13); -/**this error is returned if an 
invalid voucher value is ordered*/ -define("CE_INVALIDVOUCHER",20); - -/**instantiated by Cart::orderCheck to report errors*/ -class CartError -{ - private $etype; - private $eventid; - - /**instantiates an error object of the given type and optionally for the given event*/ - public function __construct($errtype,$eid=false) - { - $this->etype=$errtype; - $this->eventid=$eid; - } - - /**returns the error type (see CE_* constants)*/ - public function errorType() - { - return $this->etype; - } - - /**returns the event id associated with this error (false if none)*/ - public function eventId() - { - return $this->eventid; - } - - /**returns the Event object associated with this error (false if none)*/ - public function eventObject() - { - if($this->eventid===false)return false; - return new Event($this->eventid); - } - - /**returns a nice printable string*/ - public function toString() - { - $ret=i18n("Error: "); - switch($this->etype){ - case CE_NOITEMS:$ret.=i18n("No items in cart.");break; - case CE_EVENTCANCELLED:$ret.=i18n("Event has been cancelled.");break; - case CE_EVENTNOTICKETS:$ret.=i18n("No more tickets available.");break; - case CE_EVENTUNKNOWN:$ret.=i18n("Unknown Event.");break; - case CE_EVENTOVER:$ret.=i18n("Cannot order tickets from past.");break; - case CE_INVALIDVOUCHER:$ret=i18n("Voucher is invalid.");break; - } - return $ret; - } -}; - -/**this class represents a shopping cart*/ -class Cart -{ - private $cartid=false; - - /**reloads a cart from the database, if $id is false a new one is created, use isValid() to check whether the cart really exists in the DB (it may have expired)*/ - public function __construct($id=false) - { - global $db; - global $CartTimeout; - - //prune cart table - $db->deleteRows("cart", "timeout < ".time()); - - if($id===false){ - $db->beginTransaction(); - while(1){ - //generate ID - $id=getRandom(128); - //check it does not exist - $res=$db->select("cart","cartid","cartid=".$db->escapeString($id)); - if(count($res)==0){ - 
$this->cartid=$id; - break; - } - } - //create entry - - $timeout = time()+$CartTimeout ; -// print $timeout; - $db->insert("cart",array("cartid"=>$id,"timeout"=>$timeout)); - $db->commitTransaction(); - }else{ - //check that cart exists - $res=$db->select("cart","cartid","cartid=".$db->escapeString($id)); - if(count($res)>0)$this->cartid=$id; - } - } - - /**returns true if this is a valid shopping cart, if it returns false, try to create a new one*/ - public function isValid() - { - return $this->cartid!==false; - } - - /**returns the ID of this cart, returns false if the cart is not valid*/ - public function getCartId() - { - return $this->cartid; - } - - /**use this to get all existing tickets in this cart, then manipulate the tickets directly*/ - public function getTickets() - { - global $db; - if($this->cartid===false)return array(); - $res=$db->select("cart_ticket","*","cartid=".$db->escapeString($this->cartid)); - $ret=array(); - reset($res); - if(count($res)>0) - foreach($res as $k => $tc) - $ret[]=new CartTicket($tc["cartid"],$tc["eventid"],$tc["amount"]); - return $ret; - } - - /**use this to get tickets by eventid; returns false if it does not exist*/ - public function getTicketsByEvent($eventid) - { - global $db; - $where="cartid=".$db->escapeString($this->cartid)." AND eventid=".$db->escapeInt($eventid); - $res=$db->select("cart_ticket","*",$where); - if(count($res) > 0) - return new CartTicket($res[0]["cartid"],$res[0]["eventid"],$res[0]["amount"]); - else - return false; - } - - /**use this to add tickets, returns new CartTicket object or false if the event does not exist or is cancelled*/ - public function addTickets($eventid,$amount) - { - global $db; - //sanity check - if($amount<=0)return false; - $this->renewCart(); - //check that ticket can be sold - $event=new Event($eventid); - if($event->isCancelled())return false; - //begin transaction, get current data - $db->beginTransaction(); - $where="cartid=".$db->escapeString($this->cartid)." 
AND eventid=".$db->escapeInt($eventid); - $res=$db->select("cart_ticket","*",$where); - if(count($res)>0){ - $amount+=$res[0]["amount"]; - $ret=$db->update("cart_ticket",array("amount"=>$amount),$where); - }else{ - //insert into cart - $ret=$db->insert("cart_ticket",array("cartid"=>$this->cartid,"eventid"=>$eventid,"amount"=>$amount)); - } - if($ret===false){ - $db->rollbackTransaction(); - return false; - } - $db->commitTransaction(); - return new CartTicket($this->cartid,$eventid,$amount); - } - - /**checks that the whole content of the cart can be ordered; returns an empty array on success or an array of CartError objects on failure*/ - public function orderCheck() - { - global $db; - //NOTE: only covers online order - $ret=array(); - //go through events - global $db; - $itemcnt=0; - $res=$db->select("cart_ticket","*","cartid=".$db->escapeString($this->cartid)); - $orderstop=($db->getConfig("OrderStop")+0)*3600; - if(count($res)>0) - foreach($res as $k=>$tc){ - $evt=new Event($tc["eventid"]); - //check that tickets can be sold - if(!$evt->exists()) - $ret[]=new CartError(CE_EVENTUNKNOWN,$tc["eventid"]); - else - if($evt->availableTicketAmount()<$tc["amount"]) - $ret[]=new CartError(CE_EVENTNOTICKETS,$tc["eventid"]); - else - if(($evt->getStartTime()-$orderstop)<=time()) - $ret[]=new CartError(CE_EVENTOVER,$tc["eventid"]); - else - if($evt->isCancelled()) - $ret[]=new CartError(CE_EVENTCANCELLED,$tc["eventid"]); - else - $itemcnt++; - } - //check voucher values - $validvouchers=explode(" ",$db->getConfig("ValidVouchers")); - $res=$db->select("cart_voucher", "cvid,value", "cartid=".$db->escapeString($this->cartid)); - foreach($res as $k=>$vc){ - if(in_array("".$vc["value"],$validvouchers)) - $itemcnt++; - else - $ret[]=new CartError(CE_INVALIDVOUCHER); - } - //check that we have something to order - if($itemcnt<=0) - $ret[]=new CartError(CE_NOITEMS); - //return... 
- return $ret; - } - - /**makes sure the cart continues to exist*/ - public function renewCart() - { - global $db,$CartTimeout; - if ($this->isValid()) { - $db->update("cart", array("timeout"=>(time()+$CartTimeout)), "cartid=".$db->escapeInt($this->cartid)); - } - } - - /**deletes a cart and all its tickets */ - public function destroyCart() - { - global $db; - if ($this->isValid()) { - $db->beginTransaction(); - $db->deleteRows("cart_ticket", "cartid=".$db->escapeInt($this->cartid)); - $db->deleteRows("cart", "cartid=".$db->escapeInt($this->cartid)); - $db->commitTransaction(); - } - } - - /**adds the shipping address to the cart*/ - public function addShippingAddress($address) - { - global $db; - if ($this->isValid()) { - $db->update("cart", array("shippingaddress"=>$address), "cartid=".$db->escapeString($this->cartid)); - } - } - - /**adds the customer comments to the cart*/ - public function addOrderComments($comment) - { - global $db; - if ($this->isValid()) { - $db->update("cart", array("ordercomments"=>$comment), "cartid=".$db->escapeString($this->cartid)); - } - } - - /**returns the shipping address for the cart*/ - public function getShippingAddress() - { - global $db; - if ($this->isValid()) { - $res = $db->select("cart", "shippingaddress", "cartid=".$db->escapeString($this->cartid)); - if (count($res) > 0) - return $res[0]["shippingaddress"]; - else - return false; - } - } - - /**returns the customer comments for the cart*/ - public function getOrderComments() - { - global $db; - if ($this->isValid()) { - $res = $db->select("cart", "ordercomments", "cartid=".$db->escapeString($this->cartid)); - if (count($res) > 0) - return $res[0]["ordercomments"]; - else - return false; - } - } -}; - -?> \ No newline at end of file diff --git a/www/inc/classes/customer.php b/www/inc/classes/customer.php deleted file mode 100644 index f7bf04d..0000000 --- a/www/inc/classes/customer.php +++ /dev/null 
@@ -1,388 +0,0 @@ -id=false; - if($id!==false){ - $this->getByID($id); - } - } - - /**tries to get the customer by its ID, returns false if it fails*/ - public function getByID($id) - { - global $db; - $res=$db->select("customer","customerid","customerid=".$db->escapeInt($id)); - if(count($res)>0){ - $this->id=$id+0; - return true; - }else - return false; - } - - /**tries to get the customer by its email address, returns false if it fails*/ - public function getByMail($mail) - { - global $db; - $res=$db->select("webuser","customerid","email=".$db->escapeString($mail)); - if(count($res)>0){ - $this->id=$res[0]["customerid"]; - return true; - }else - return false; - } - - /** returns the ID of the customer */ - public function getID() - { - if($this->id===false) - return ""; - else - return $this->id; - } - - /**returns whether the customer has a valid id*/ - public function isValid() - { - if($this->id===false)return false; - if($this->id<0)return false; - return true; - } - - /** returns the name of the customer */ - public function getName() - { - global $db; - if($this->id===false) - return ""; - else { - $res = $db->select("customer", "name", "customerid=".$db->escapeInt($this->id)); - if (count($res) > 0) - return $res[0]["name"]; - else - return ""; - } - } - - /** returns the email address of the customer */ - public function getEmail() - { - global $db; - if($this->id===false) - return ""; - else { - $res = $db->select("webuser", "email", "customerid=".$db->escapeInt($this->id)); - if (count($res) > 0) - return $res[0]["email"]; - else - return ""; - } - - } - - /** returns the address of the customer */ - public function getAddress() - { - global $db; - if($this->id===false) - return ""; - else { - $res = $db->select("customer", "address", "customerid=".$db->escapeInt($this->id)); - if (count($res) > 0) - return $res[0]["address"]; - else - return ""; - } - - } - - /** returns the contact data of the customer */ - public function getContact() - { - global 
$db; - if($this->id===false) - return ""; - else { - $res = $db->select("customer", "contact", "customerid=".$db->escapeInt($this->id)); - if (count($res) > 0) - return $res[0]["contact"]; - else - return ""; - } - - } - - /**returns the data in an array suitable for the web-page-renderer*/ - public function getParserData() - { - return array("CUST_NAME"=>$this->getName(), "CUST_EMAIL"=>$this->getEmail(), "CUST_ADDRESS"=>$this->getAddress(), "CUST_CONTACT"=>$this->getContact()); - } - - /**checks whether the customer exists in the database; getByID or getByMail must have been called first*/ - public function exists() - { - return $this->id !== false; - } - - /**creates the customer in the database; getByID or getByMail must not have been called yet; - returns the new ID on success or false on failure*/ - public function create($name) - { - if($this->id!==false)return; - global $db; - $this->id=$db->insert("customer",array("name"=>$name)); - return $this->id; - } - - /**sets the email of this customer*/ - public function setMail($mail) - { - if($this->id===false)return; - global $db; - $db->beginTransaction(); - $res=$db->select("webuser","customerid","customerid=".$db->escapeInt($this->id)); - if(count($res)==1) - $db->update("webuser",array("email"=>$mail),"customerid=".$db->escapeInt($this->id)); - else - $db->insert("webuser",array("email"=>$mail,"customerid"=>$this->id)); - $db->commitTransaction(); - } - - /**sets the password of this customer*/ - public function setPassword($pwd) - { - if($this->id===false)return; - global $db; - $pass=calcPasswd($pwd,getSalt()); - $db->beginTransaction(); - $res=$db->select("webuser","customerid","customerid=".$db->escapeInt($this->id)); - if(count($res)==1) - $db->update("webuser",array("passwd"=>$pass),"customerid=".$db->escapeInt($this->id)); - else - $db->insert("webuser",array("passwd"=>$pass,"customerid"=>$this->id)); - $db->commitTransaction(); - } - - /**sets the address of this customer*/ - public function 
setAddress($address) - { - if($this->id===false) - return; - global $db; - $db->update("customer", array("address"=>$address), "customerid=".$db->escapeInt($this->id)); - } - - /**sets the contact data of this customer*/ - public function setContact($contact) - { - if($this->id===false) - return; - global $db; - $db->update("customer", array("contact"=>$phone), "customerid=".$db->escapeInt($this->id)); - } - - /**checks whether $password matches the stored password for this customer; returns true on success*/ - public function authenticate($passwd) - { - if($this->id===false)return false; - //get record - global $db; - $res=$db->select("webuser","passwd","customerid=".$db->escapeInt($this->id)); - //found anything? - if(count($res)<0)return false; - //is it a password - if(!is_string($res[0]["passwd"]) || strlen($res[0]["passwd"])<10)return false; - //check - $pwd=explode(":",$res[0]["passwd"]); - $pwd2=calcPasswd($passwd,$pwd[0]); - return $pwd2 == $res[0]["passwd"]; - } -}; - -/**machine interface: get the list of all existing customers*/ -function getCustomerListXml() -{ - global $db; - //return customers - $res=$db->select("customer","customerid,name",""); - $xml=new DOMDocument; - $root=$xml->createElement("CustomerList"); - if(count($res)>0) - foreach($res as $k => $rm){ - $cs=$xml->createElement("Customer"); - $cs->setAttribute("id",$rm["customerid"]); - $cs->setAttribute("name",$rm["name"]); - $root->appendChild($cs); - } - $xml->appendChild($root); - header("X-MagicSmoke-Status: Ok"); - print($xml->saveXML()); -} - -/**machine interface: get a specific customer*/ -function getCustomerXml($cid) -{ - global $db; - //return customers - $res=$db->select("customer","*","customerid=".$db->escapeInt($cid)); - if(count($res)>0){ - $xml=new DOMDocument; - $cs=$xml->createElement("Customer"); - $cs->setAttribute("id",$res[0]["customerid"]); - $cs->setAttribute("name",$res[0]["name"]); - $cs->appendChild($xml->createElement("Address",xq($res[0]["address"]))); - 
$cs->appendChild($xml->createElement("Contact",xq($res[0]["contact"]))); - $cs->appendChild($xml->createElement("Comment",xq($res[0]["comments"]))); - $res=$db->select("webuser","email","customerid=".$db->escapeInt($cid)); - if(count($res)>0) - $cs->setAttribute("mail",$res[0]["email"]); - $xml->appendChild($cs); - header("X-MagicSmoke-Status: Ok"); - print($xml->saveXML()); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Unknown Customer")); - } -} - -/**machine interface: set a customer*/ -function setCustomerXml($xmldata) -{ - //TODO:do more extensive syntax checking and better error reporting - //get XML - $xml=new DOMDocument; - if($xml->loadXML($xmldata)===false){ - header("X-MagicSmoke-Status: SyntaxError"); - die(tr("Unable to parse XML.")); - } - //stage 2: extract data from XML - $doc=$xml->documentElement; - global $db; - //get data - if($doc->hasAttribute("id")) - $id=$doc->getAttribute("id")+0; - else $id=-1; - $dt["name"]=$doc->getAttribute("name"); - $dt["address"]=""; - $dt["contact"]=""; - $dt["comments"]=""; - foreach($doc->getElementsByTagName("Address") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $dt["address"]=trim($cn->wholeText); - foreach($doc->getElementsByTagName("Contact") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $dt["contact"]=trim($cn->wholeText); - foreach($doc->getElementsByTagName("Comment") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $dt["comments"]=trim($cn->wholeText); - - if($id>=0){ - $db->update("customer",$dt,"customerid=".$db->escapeInt($id)); - header("X-MagicSmoke-Status: Ok"); - print($id); - }else{ - $id=$db->insert("customer",$dt); - header("X-MagicSmoke-Status: Ok"); - print($id); - } -} - -/**machine interface: delete or merge customers*/ -function deleteCustomerXml($txt) -{ - global $db; - //find customer and mergee ID - $lst=explode(" ",trim($txt)); - if($lst===false || count($lst)<1){ - 
header("X-MagicSmoke-Status: Error"); - echo tr("Cannot find customer ID to delete."); - return; - } - $cust=$lst[0]+0; - if(!is_numeric($lst[0]) || $cust < 0){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid Customer ID, cannot delete."); - return; - } - $mrg=false; - if(count($lst)>1){ - $mrg=$lst[1]+0; - if(!is_numeric($lst[1]) || $mrg < 0){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid Customer ID, cannot merge."); - return; - } - } - //start transaction - $db->beginTransaction(); - //find both IDs - $res=$db->select("customer","customerid","customerid=".$db->escapeInt($cust)); - if($res===false || count($res)<1){ - header("X-MagicSmoke-Status: Error"); - echo tr("Cannot find Customer ID, cannot delete."); - $db->rollbackTransaction(); - return; - } - if($mrg!==false){ - $res=$db->select("customer","customerid","customerid=".$db->escapeInt($mrg)); - if($res===false || count($res)<1){ - header("X-MagicSmoke-Status: Error"); - echo tr("Cannot find Customer ID, cannot delete."); - $db->rollbackTransaction(); - return; - } - } - //cancel all sessions of deletee - $db->deleteRows("websession","customerid=".$db->escapeInt($cust)); - //if merge: - if($mrg!==false){ - //rewrite DB objects (orders) - $b=$db->update("order",array("customerid"=>$mrg),"customerid=".$db->escapeInt($cust))!==false; - //merge web-account; delete if another exists, otherwise move it - $res=$db->select("webuser","customerid","customerid=".$db->escapeInt($mrg)); - if($res===false || count($res)<1){ - $b&=$db->update("webuser",array("customerid"=>$mrg),"customerid=".$db->escapeInt($cust))!==false; - }else{ - $db->deleteRows("webuser","customerid=".$db->escapeInt($cust)); - } - //check success - if(!$b){ - header("X-MagicSmoke-Status: Error"); - echo tr("Cannot merge customers."); - $db->rollbackTransaction(); - return; - } - } - //attempt deletion - $b=$db->deleteRows("webuser","customerid=".$db->escapeInt($cust))!==false; - 
$b&=$db->deleteRows("customer","customerid=".$db->escapeInt($cust))!==false; - if(!$b){ - header("X-MagicSmoke-Status: Error"); - echo tr("Cannot delete customer."); - $db->rollbackTransaction(); - return; - } - //success! - $db->commitTransaction(); - header("X-MagicSmoke-Status: Ok"); -} - -?> \ No newline at end of file diff --git a/www/inc/classes/event.php b/www/inc/classes/event.php deleted file mode 100644 index 0d810b9..0000000 --- a/www/inc/classes/event.php +++ /dev/null 
@@ -1,408 +0,0 @@ -, (C) 2007 -// -// Copyright: See README/COPYING files that come with this distribution -// -// - -/* TRANSLATOR php:: */ - -/**Get an overview of all events: -returns an array of array("eventid"=>int, "title"=>string,"starttime"=>int)*/ -function getAllEvents() -{ - global $db; - return $db->select("event","eventid,title,starttime,capacity","","ORDER BY starttime"); -} - -/**Get an overview of events: returns an array of array("eventid"=>int); used by createEventList; returns only events in the future and ordered*/ -function getAllEventsForListing() -{ - global $db; - return $db->select("event","eventid","starttime>=".time()." ORDER BY starttime"); -} - - -/**Wrapper around event table*/ -class Event -{ - private $evid; - private $title; - private $artist; - private $description; - private $starttime; - private $endtime; - private $roomid; - private $capacity; - private $defaultprice; - private $cancelreason; - - /**creates an event object, the id must be a valid eventid gotten from getAllEvents or -1 if you - want to create a new event*/ - public function __construct($id) - { - global $db; - //check that event exists - $id=$id+0; - if($id<0)$id=-1; - else{ - $res=$db->select("event","*","eventid=$id"); - if(count($res)!=1)$id=-1; - else{ - $this->title=$res[0]["title"]; - $this->artist=$res[0]["artist"]; - $this->description=$res[0]["description"]; - $this->starttime=$res[0]["starttime"]; - $this->endtime=$res[0]["endtime"]; - $this->roomid=$res[0]["roomid"]; - $this->capacity=$res[0]["capacity"]; - $this->defaultprice=$res[0]["defaultprice"]; - $this->cancelreason=$res[0]["cancelreason"]; - } - } - //remember it - $this->evid=$id; - } - - /**returns whether this event already exists in the database*/ - public function exists() - { - return $this->evid >= 0; - } - - /**returns the ID of the event*/ - public function getEventId(){return $this->evid;} - /**returns the start time of the event*/ - public function getStartTime(){return 
$this->starttime;} - /**returns the end time of the event*/ - public function getEndTime(){return $this->endtime;} - /**returns the ticket capacity of the event*/ - public function getCapacity(){return $this->capacity;} - /**returns the default price in cent of the event*/ - public function getDefaultPrice(){return $this->defaultprice;} - /**returns whether the event is cancelled*/ - public function isCancelled() - { - if($this->cancelreason===false)return false; - else return $this->cancelreason!=""; - } - /**returns the title of the event*/ - public function getTitle(){return $this->title;} - /**returns the artist of the event*/ - public function getArtist(){return $this->artist;} - /**returns the room/place of the event*/ - public function getRoomId(){return $this->roomid;} - /**returns the description of the event*/ - public function getDescription(){return $this->description;} - /**returns the reason why the event is cancelled if isCancelled() returns true*/ - public function getCancelReason(){return $this->cancelreason;} - - /**returns the data in an array suitable for the web-page-renderer*/ - public function getParserData() - { - $lang = LanguageManager::singleton(); - - return array( - "DATE"=>$lang->getDate($this->getStartTime()), - "TIME"=>$lang->getTime($this->getStartTime()), - "PLACE"=>$this->getRoomId(), - "EVENTNAME"=>$this->getTitle(), - "ARTIST"=>$this->getArtist(), - "PRICE"=>$lang->getPrice($this->getDefaultPrice()), - "ID"=>$this->getEventId(), - "DESCRIPTION"=>$this->getDescription(), - "AVAILABLETICKETS"=>$this->availableTicketAmount() - ); - } - - /**returns how many tickets can still be sold*/ - public function availableTicketAmount() - { - global $db; - //is it valid? - if($this->evid<0)return 0; - //is it cancelled? - if($this->isCancelled())return 0; - //is it already over? 
- if(time()>$this->endtime)return 0; - //get existing tickets - $res=$db->select("ticket","status","eventid=".$db->escapeInt($this->evid)); - $amt=0; - if(count($res)>0) - foreach($res as $tk){ - if(($tk["status"] & TICKET_MBLOCK)!=0)$amt++; - } - return $this->capacity - $amt; - } -}; - -/**machine-function: get the requested events as XML data*/ -function getEventsXml($evts) -{ - header("X-MagicSmoke-Status: Ok"); - $xml=new DOMDocument; - $root=$xml->createElement("EventData"); - if(count($evts)>0) - foreach($evts as $k => $eid){ - $ev=new Event($eid); - if(!$ev->exists())continue; - $nod=$xml->createElement("Event"); - $nod->setAttribute("id",$eid); - $nod->setAttribute("start",$ev->getStartTime()); - $nod->setAttribute("end",$ev->getEndTime()); - $nod->setAttribute("capacity",$ev->getCapacity()); - $nod->setAttribute("defaultprice",$ev->getDefaultPrice()); - $nod->setAttribute("cancelled",$ev->isCancelled()?"true":"false"); - $nod->appendChild($xml->createElement("Title",xq($ev->getTitle()))); - $nod->appendChild($xml->createElement("Artist",xq($ev->getArtist()))); - $nod->appendChild($xml->createElement("Room",$ev->getRoomId())); - $nod->appendChild($xml->createElement("Description",xq($ev->getDescription()))); - if($ev->isCancelled()) - $nod->appendChild($xml->createElement("CancelReason",xq($ev->getCancelReason()))); - $root->appendChild($nod); - } - $xml->appendChild($root); - print($xml->saveXml()); -} - -/**Machine-Interface: set an event (it's not possible to set from Web-Browser)*/ -function setEventXml($xmldata) -{ - global $db; - //stage 1: parse XML - $xml=new DOMDocument; - if($xml->loadXML($xmldata)===false){ - header("X-MagicSmoke-Status: SyntaxError"); - echo "Unable to parse XML."; - return; - } - //stage 2: extract data from XML - $doc=$xml->documentElement; - $eventid=trim($doc->getAttribute("id")); - $start=trim($doc->getAttribute("start"))+0; - $end=trim($doc->getAttribute("end"))+0; - $capacity=trim($doc->getAttribute("capacity"))+0; - 
$defaultprice=trim($doc->getAttribute("defaultprice"))+0; - $title=$artist=$description=$room=$cancelreason=""; - foreach($doc->getElementsByTagName("Title") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $title=trim($cn->wholeText); - foreach($doc->getElementsByTagName("Artist") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $artist=trim($cn->wholeText); - foreach($doc->getElementsByTagName("Description") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $description=trim($cn->wholeText); - foreach($doc->getElementsByTagName("Room") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $room=trim($cn->wholeText); - foreach($doc->getElementsByTagName("CancelReason") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $cancelreason=trim($cn->wholeText); - //stage 3: validate input - if(ereg("^([0-9]+)|(new)$",$eventid)===false){ - header("X-MagicSmoke-Status: Error"); - echo "Invalid Event ID, must be positive integer or 'new'."; - return; - } - if($title==""){ - header("X-MagicSmoke-Status: Error"); - echo "Empty Title."; - return; - } - if($artist==""){ - header("X-MagicSmoke-Status: Error"); - echo "No Artist."; - return; - } - $db->beginTransaction(); - $res=$db->select("room","roomid","roomid=".$db->escapeString($room)); - if(count($res)<1){ - //end DB transaction - $db->rollbackTransaction(); - //error - header("X-MagicSmoke-Status: Error"); - echo "Invalid Room."; - return; - } - - //stage 4: call DB - $data["title"]=$title; - $data["artist"]=$artist; - $data["description"]=$description; - $data["starttime"]=$start; - $data["endtime"]=$end; - $data["roomid"]=$room; - $data["capacity"]=$capacity; - $data["defaultprice"]=$defaultprice; - if($eventid=="new"){ - //create event - $eventid=$db->insert("event",$data); - if($eventid===false){ - header("X-MagicSmoke-Status: Error"); - echo "Error accessing database."; - 
return; - } - }else{ - //check ID - $eventid=$eventid+0; - $res=$db->select("event","eventid,cancelreason","eventid=".$eventid); - if(count($res)==0){ - header("X-MagicSmoke-Status: Error"); - echo "Invalid Event: eventid does not exist in database."; - $db->rollbackTransaction(); - return; - } - if($res[0]["cancelreason"]!==NULL && $res[0]["cancelreason"]!="") - $data["cancelreason"]=$cancelreason." "; - $db->update("event",$data,"eventid=".$eventid); - } - $db->commitTransaction(); - header("X-MagicSmoke-Status: Ok"); - echo $eventid; -} - -/**machine interface: get XML data for event summary*/ -function getEventSummaryXml($evid) -{ - global $db; - //collect statistics - $res=$db->select("ticket","price,status,orderid","eventid=".$db->escapeInt($evid)); - $tcreserve=0; - $tccancel=0; - $totalmoney=0; - $total=0; - $tcbought=array(); - $tcused=array(); - $tcall=array(); - $oids=array(); - $soids=""; - foreach($res as $tc){ - switch($tc["status"]){ - case TICKET_RESERVED:$tcreserve++;break; - case TICKET_CANCELLED:$tccancel++;break; - case TICKET_BOUGHT: - if(isset($tcbought[$tc["price"]])) - $tcbought[$tc["price"]]++; - else - $tcbought[$tc["price"]]=1; - if(isset($tcall[$tc["price"]])) - $tcall[$tc["price"]]++; - else - $tcall[$tc["price"]]=1; - $totalmoney+=$tc["price"]; - $total++; - break; - case TICKET_USED: - if(isset($tcused[$tc["price"]])) - $tcused[$tc["price"]]++; - else - $tcused[$tc["price"]]=1; - if(isset($tcall[$tc["price"]])) - $tcall[$tc["price"]]++; - else - $tcall[$tc["price"]]=1; - $totalmoney+=$tc["price"]; - $total++; - break; - } - if($tc["orderid"]!==false && !in_array($tc["orderid"],$oids)){ - $oids[]=$tc["orderid"]; - $soids.=" ".$tc["orderid"]; - } - } - //get comments - sort($oids); - $comments=array(); - foreach($oids as $oid){ - $res=$db->select("order","comments,customerid","orderid=".$db->escapeInt($oid)); - if($res===false || count($res)==0)continue; - if($res[0]["comments"]===false || trim($res[0]["comments"])=="")continue; - 
$res2=$db->select("customer","name","customerid=".$db->escapeInt($res[0]["customerid"])); - if($res2===false || count($res2)==0)continue; - $comments[]=array("cid"=>$res[0]["customerid"],"cs"=>$res2[0]["name"],"cm"=>$res[0]["comments"],"oid"=>$oid); - } - //create XML - $xml=new DomDocument; - $doc=$xml->createElement("EventSummary"); - $doc->setAttribute("reserved",$tcreserve); - $doc->setAttribute("cancelled",$tccancel); - $doc->setAttribute("totaltickets",$total); - $doc->setAttribute("totalmoney",$totalmoney); - $doc->setAttribute("event",$evid); - $prices=array_keys($tcall); - sort($prices); - foreach($prices as $price){ - $p=$xml->createElement("Tickets"); - $p->setAttribute("price",$price); - $p->setAttribute("bought",$tcall[$price]); - if(isset($tcbought[$price])) - $p->setAttribute("unused",$tcbought[$price]); - else - $p->setAttribute("unused",0); - if(isset($tcused[$price])) - $p->setAttribute("used",$tcused[$price]); - else - $p->setAttribute("used",0); - $doc->appendChild($p); - } - foreach($comments as $comment){ - $p=$xml->createElement("Comment"); - $p->setAttribute("customerid",$comment["cid"]); - $p->setAttribute("customer",$comment["cs"]); - $p->setAttribute("orderid",$comment["oid"]); - $p->appendChild($xml->createTextNode($comment["cm"])); - $doc->appendChild($p); - } - $doc->appendChild($xml->createElement("Orders",trim($soids))); - $xml->appendChild($doc); - header("X-MagicSmoke-Status: Ok"); - print($xml->saveXml()); -} - -function cancelEventXml($data) -{ - $lst=explode("\n",$data); - if(count($lst)!=2){ - header("X-MagicSmoke-Status: Error"); - die(tr("Malformed request.")); - } - $eid=trim($lst[0]); - if(!is_numeric($eid)){ - header("X-MagicSmoke-Status: Error"); - die(tr("The event id must be numeric.")); - } - $eid=$eid+0; - if($eid<0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Invalid event id.")); - } - //check event id - global $db; - $db->beginTransaction(); - 
$res=$db->select("event","eventid,cancelreason","eventid=".$db->escapeInt($eid)); - if(count($res)<1){ - header("X-MagicSmoke-Status: Error"); - $db->rollbackTransaction(); - die(tr("Invalid event id.")); - } - //update cancelreason - $db->update("event",array("cancelreason"=>(trim($lst[1])." ")),"eventid=".$db->escapeInt($eid)); - //propagate to tickets (does not hurt to do this multiple times) - $db->update("ticket",array("status"=>TICKET_CANCELLED),"eventid=".$db->escapeInt($eid)." AND status!=".$db->escapeInt(TICKET_USED)); - $db->commitTransaction(); - header("X-MagicSmoke-Status: Ok"); -} - -?> \ No newline at end of file diff --git a/www/inc/classes/order.php b/www/inc/classes/order.php deleted file mode 100644 index 51e04de..0000000 --- a/www/inc/classes/order.php +++ /dev/null 
@@ -1,1287 +0,0 @@ -, (C) 2007 -// -// Copyright: See README/COPYING files that come with this distribution -// -// - -/* TRANSLATOR php:: */ - -/**an order has been placed, this flag is set when the order is filled and finalized*/ -define("ORDER_PLACED",0); -/**the order has been sent out (it must be placed first; direct sales are automatically sent)*/ -define("ORDER_SENT",1); -/**the order has been sold directly, alias for ORDER_SENT */ -define("ORDER_SOLD",1); -/**the order has been cancelled by the user (this is only possible as long as no money has been paid and nothing has been sent yet)*/ -define("ORDER_CANCELLED",2); -/**the order is on reservation status: it is placed, but is waiting for confirmation, hence no shipment is possible and the tickets cannot be used*/ -define("ORDER_RESERVED",4); -/**the order has been finalized; no more changes possible; TODO: define exactly what this means*/ -define("ORDER_CLOSED",0x80); - -/**order validation: output XML*/ -define("VALIDATEORDER_XML",1); -/**order validation: return whether it can be ordered (no XML)*/ -define("VALIDATEORDER_ORDER",2); -/**order validation: return whether it can be sold (no XML)*/ -define("VALIDATEORDER_SALE",3); - - - -/**this class represents an order in the database*/ -class Order -{ - //cache - private $orderid=false; - private $status=false; - private $customerid=false; - private $deliveryaddress=""; - private $comment=""; - private $seller=false; - private $amountpaid=0; - private $ordertime=false; - private $senttime=false; - private $shippingcosts=0; - private $shippingtype=false; - //to be submitted - private $newtickets; - private $newticketamounts; - private $newvouchers; - - /**instantiates an existing order with the given orderid or creates a new one if orderid===false*/ - public function __construct($orderid=false) - { - global $db; - if($orderid!==false){ - //get it from DB - $res=$db->select("order","*","orderid=".$db->escapeInt($orderid)); - if(count($res)==0){ - return; - } 
- $this->orderid=$res[0]["orderid"]; - $this->status=$res[0]["status"]; - $this->customerid=$res[0]["customerid"]; - $this->deliveryaddress=$res[0]["deliveryaddress"]; - $this->comment=$res[0]["comments"]; - $this->seller=$res[0]["soldby"]; - $this->amountpaid=$res[0]["amountpaid"]; - $this->ordertime=$res[0]["ordertime"]; - $this->senttime=$res[0]["senttime"]; - if(!$db->isNull($res[0]["shippingtype"])){ - $this->shippingcosts=$res[0]["shippingcosts"]+0; - $this->shippingtype=$res[0]["shippingtype"]; - } - } - $this->newtickets=array(); - $this->newticketamounts=array(); - $this->newvouchers=array(); - } - - /**returns whether the order can still be changed; this does not affect the modify routines*/ - public function canChange() - { - return $this->status == false; - } - - /**returns whether the order is a valid DB object*/ - public function isValid() - { - return $this->orderid!==false; - } - - /**returns the sent time as unix timestamp*/ - public function getSentTime() - { - return $this->senttime; - } - - /**removes all items from the given Cart and enters them into itself; returns false if some items cannot be ordered or the order is already closed*/ - public function emptyCart($cart) - { - //check carts contents - if(count($cart->orderCheck())>0)return false; - //check myself - if(!$this->canChange())return false; - //get tickets - $tick=$cart->getTickets(); - if(count($tick)>0) - foreach($tick as $k=>$tc){ - $eid=$tc->getEventId(); - $amt=$tc->getAmount(); - $tc->changeAmount(0); - for($i=0;$i<$amt;$i++) - $this->newtickets[$eid][]=-1; - } - //TODO: get vouchers - - //get other fields - if (!isEmpty($cart->getShippingAddress())) - $this->deliveryaddress=$cart->getShippingAddress(); - else { - $customer = new Customer($this->customerid); - if ($customer->isValid()) - $this->deliveryaddress=$customer->getAddress(); - } - $this->comment=$cart->getOrderComments(); - return true; - } - - /**used by XML functions: add a single ticket for an event*/ - public 
function addTicket($eid,$price=-1) - { - $this->newtickets[$eid][]=$price; - } - - /**used by XML functions: add a voucher (if value is omitted it equals price); returns true on success*/ - public function addVoucher($value,$price=false) - { - if(!is_numeric($value))return false; - if($price===false)$price=$value; - if(!is_numeric($price))return false; - if($price<0 || $value<=0)return false; - $this->newvouchers[]=array("price"=>$price,"value"=>$value); - return true; - } - - /**sets the customer of this order; returns true on success, false on failure*/ - public function setCustomer($cust) - { - global $db; - if(!$this->canChange() || !$cust->isValid())return false; - $this->customerid=$cust->getID(); - return true; - } - - /**sets the customer of this order; returns true on success, false on failure*/ - public function setCustomerId($cust) - { - return $this->setCustomer(new Customer($cust)); - } - - /**sets the shipping type/price of the order; if price is omitted, it is taken from the DB; if type is false it means no shipping involved; returns true on success*/ - public function setShipping($stype,$sprice=false) - { - if(!$this->canChange())return false; - //check for no shipping - if($stype===false){ - $this->shippingtype=false; - $this->shippingcosts=0; - } - //get DB data, check that type exists - global $db; - $res=$db->select("shipping","cost","shipid=".$db->escapeInt($stype)); - if($res===false || count($res)<1)return false; - //check price - if($sprice===false)$sprice=$res[0]["cost"]; - //remember - $this->shippingtype=$stype+0; - $this->shippingcosts=$sprice+0; - return true; - } - - /**places/finalizes the order; returns false on failure, true on success or if the order already was finalized()*/ - public function placeOrder($inistate=ORDER_PLACED) - { - //sanity check -// print(1); - if(!$this->canChange())return false; - if((count($this->newtickets)+count($this->newvouchers))==0)return false; - switch($inistate){ - case ORDER_PLACED: - case 
ORDER_RESERVED: - case ORDER_SOLD: - //ok, understood - break; - default: - //don't understand anything else - return false; - break; - } -// print("a"); - global $db,$session; - $db->beginTransaction(); - if(!$this->validateOrder($inistate==ORDER_SOLD?VALIDATEORDER_SALE:VALIDATEORDER_ORDER)){ - $db->rollbackTransaction(); - return false; - } -// print(2); - //create order, incl shipping - $this->status=$inistate; - if(isset($session))$usr=$session->getUser(); - else $usr=false; - $this->seller=$usr; - $this->ordertime=time(); - $this->amountpaid=0; - $this->orderid=$db->insert("order",array("customerid"=>$this->customerid,"soldby"=>$usr,"deliveryaddress"=>$this->deliveryaddress,"status"=>$this->status,"ordertime"=>$this->ordertime,"comments"=>$this->comment,"amountpaid"=>0,"shippingtype"=>$this->shippingtype,"shippingcosts"=>$this->shippingcosts)); -// print(3); - //orderid ok? - if($this->orderid===false){ - $db->rollbackTransaction(); - return false; - } - //insert tickets - $totalprice=$this->shippingcosts; - foreach($this->newtickets as $evid=>$tcs){ - $amount=count($tcs); - for($i=0;$i<$amount;$i++){ - $tick=new Ticket; - $tick->setEventId($evid); - if($tcs[$i]>=0)$tick->setPrice($tcs[$i]); - $tick->addToOrder($this->orderid); - $totalprice+=$tick->getPrice(); - //TODO: check return code of addToOrder - } - } - //insert vouchers - foreach($this->newvouchers as $vc){ - $vouc=new Voucher; - $vouc->addToOrder($this->orderid,$vc["price"],$vc["value"]); - $totalprice+=$vc["price"]; - //TODO: check return code of addToOrder - } - //update amountpaid for sales - if($inistate==ORDER_SOLD){ - $db->update("order",array("amountpaid"=>$totalprice,"status"=>ORDER_SENT),"orderid=".$db->escapeInt($this->orderid)); - $this->status=ORDER_SENT; - $this->amountpaid=$totalprice; - } -// print(4); - $db->mkLog(array("orderid"=>$this->orderid,"orderpaid"=>$this->amountpaid,"orderdue"=>$totalprice),tr("create order")); - //end - $db->commitTransaction(); - return true; - } - - 
/**validates the order against the database; returns whether it can be opened as an order; $mode must be one of the VALIDATEORDER_* constants; prints an order object fit for checkorder if $mode is VALIDATEORDER_XML*/ - public function validateOrder($mode) - { - global $db; - $dumpxml=$mode==VALIDATEORDER_XML; - $isSale=$mode==VALIDATEORDER_SALE; - $ret=true; - $price=0; - $ostat="ok"; - $xml=new DomDocument; - $ord=$xml->createElement("Order"); - //check customer - $res=$db->select("customer","customerid","customerid=".$db->escapeInt($this->customerid)); - if(count($res)<1){ - //no customer: cannot work - if($dumpxml===false)return false; - $ostat="fail"; - $ret=false; - $ord->setAttribute("customer","-1"); - }else - $ord->setAttribute("customer",$this->customerid); - //check tickets - $orderstop=($db->getConfig("OrderStop")+0)*3600; - $salestop=($db->getConfig("SaleStop")+0)*3600; - $curtime=time(); - $totalprice=0; - $ftid=0; - foreach($this->newtickets as $evid => $tcs){ - $amount=count($tcs); - $evt=new Event($evid); - //check whether the event exists - if(!$evt->exists()){ - if($dumpxml===false)return false; - //create only one ticket and make it sound negative - $ev=$xml->createElement("Ticket"); - $ev->setAttribute("event",$evid); - $ev->setAttribute("status","invalid"); - $ev->setAttribute("id",$ftid++); - $ord->appendChild($ev); - $ret=false; - $ostat="fail"; - continue; - } - $stime=$evt->getStartTime(); - $etime=$evt->getEndTime(); - $estat="ok"; - //check whether we can still order - if(($stime-$orderstop)<=$curtime){ - $estat="saleonly"; - //if this is an order: can't do it - if(!$isSale){ - $ret=false; - if($dumpxml===false) - return false; - } - } - //check whether we can still sell - if(($etime-$salestop)<=$curtime){ - if($estat=="ok")$estat="orderonly"; - else $estat="toolate"; - //if this is a sale: can't do it - if($isSale){ - $ret=false; - if($dumpxml===false) - return false; - } - } - //set order state - if($estat!="ok"){ - 
if($ostat=="ok")$ostat=$estat; - else if($ostat!=$estat)$ostat="fail"; - } - //create matching error XML for total order+sale failure - if($estat=="toolate"){ - //create only one ticket and make it sound negative - $ev=$xml->createElement("Ticket"); - $ev->setAttribute("event",$evid); - $ev->setAttribute("status",$estat); - $ev->setAttribute("id",$ftid++); - if($estat!="toolate") - $ev->setAttribute("price",$evt->getDefaultPrice()); - $ord->appendChild($ev); - continue; - } - //check whether event is cancelled - if($evt->isCancelled()){ - if($dumpxml===false)return false; - //create only one ticket and make it sound negative - $ev=$xml->createElement("Ticket"); - $ev->setAttribute("event",$evid); - $ev->setAttribute("status","cancelled"); - $ev->setAttribute("id",$ftid++); - $ord->appendChild($ev); - $ret=false; - continue; - } - //check whether enough tickets are available - $avail=$evt->availableTicketAmount(); - if($avail<$amount){ - if($dumpxml===false)return false; - //create a few (semi-)good ones - for($i=0;$i<$avail;$i++){ - $ev=$xml->createElement("Ticket"); - $ev->setAttribute("event",$evid); - $ev->setAttribute("status",$estat); - $ev->setAttribute("price",$evt->getDefaultPrice()); - $ev->setAttribute("id",$ftid++); - $ord->appendChild($ev); - $totalprice+=$evt->getDefaultPrice(); - } - //create only one bad ticket - $ev=$xml->createElement("Ticket"); - $ev->setAttribute("event",$evid); - $ev->setAttribute("status","exhausted"); - $ev->setAttribute("id",$ftid++); - $ord->appendChild($ev); - $ostat="fail"; - $ret=false; - continue; - } - //survived all tests: finally create (semi-)good tickets - for($i=0;$i<$amount;$i++){ - $ev=$xml->createElement("Ticket"); - $ev->setAttribute("event",$evid); - $ev->setAttribute("status",$estat); - $ev->setAttribute("price",$evt->getDefaultPrice()); - $ev->setAttribute("id",$ftid++); - $ord->appendChild($ev); - $totalprice+=$evt->getDefaultPrice(); - } - } - - //check vouchers - global $session; - 
$cananyvval=$session->canExecute("_anyvoucher"); - $cananyvprc=$session->canExecute("_anypricevoucher"); - $vvals=array(); - foreach(explode(" ",$db->getConfig("ValidVouchers")) as $v)$vvals[]=$v+0; - foreach($this->newvouchers as $vc){ - $vx=$xml->createElement("Voucher"); - $vx->setAttribute("price",$vc["price"]); - $vx->setAttribute("value",$vc["value"]); - $vx->setAttribute("id",$ftid++); - //check for valid value - if(!$cananyvval && !in_array($vc["value"],$vvals)){ - $vx->setAttribute("status",tr("invalidvalue","voucher state")); - $ostat="fail"; - $ret=false; - }else - //check for value==price - if(!$cananyvprc && $vc["price"]!=$vc["value"]){ - $vx->setAttribute("status",tr("invalidprice","voucher state")); - $ostat="fail"; - $ret=false; - }else - $totalprice+=$vc["price"]; - //dump it - $ord->appendChild($vx); - } - - //check shipping - if($this->shippingtype!==false){ - $cananyship=$session->canExecute("_anyshipping"); - $cananysprc=$session->canExecute("_repriceshipping"); - //check shipping type exists - $res=$db->select("shipping","*","shipid=".$db->escapeInt($this->shippingtype)); - $sp=$xml->createElement("Shipping"); - if($res!==false && count($res)>0){ - //check user has right to use this - if(!$res[0]["canallusers"] && !$cananyship){ - $sp->setAttribute("type","-1"); - $sp->setAttribute("price",0); - $sp->appendChild($xml->createTextNode(tr("Shipping type not available to user."))); - $ostat="fail"; - $ret=false; - }else{ - //correct price - if(!$cananysprc) - $this->shippingcosts=$res[0]["cost"]; - //create target - $sp->setAttribute("type",$this->shippingtype); - $sp->setAttribute("price",$this->shippingcosts); - $sp->appendChild($xml->createTextNode($res[0]["description"])); - //add to sum - $totalprice+=$this->shippingcosts; - } - }else{ - $sp->setAttribute("type","-1"); - $sp->setAttribute("price",0); - $sp->appendChild($xml->createTextNode(tr("Illegal shipping type."))); - $ostat="fail"; - $ret=false; - } - $ord->appendChild($sp); - } - - 
//add other data and dump XML - if($dumpxml){ - $ord->appendChild($xml->createElement("DeliveryAddress",xq($this->deliveryaddress))); - $ord->appendChild($xml->createElement("Comment",xq($this->comment))); - $ord->setAttribute("status",$ostat); - $ord->setAttribute("totalprice",$totalprice); - $xml->appendChild($ord); - print($xml->saveXml()); - } - //return result of tests - return $ret; - } - - /**returns the ID of this order or false if it is not in the database yet*/ - public function getOrderId() - { - return $this->orderid; - } - - /**dumps the whole order as XML*/ - public function dumpXml() - { - $xml=new DomDocument; - $doc=$xml->createElement("Order"); - $doc->setAttribute("id",$this->orderid); - $doc->setAttribute("customer",$this->customerid); - $doc->setAttribute("seller",$this->seller); - $doc->setAttribute("ordertime",$this->ordertime); - $doc->setAttribute("paid",$this->amountpaid); - switch($this->status){ - case ORDER_PLACED: - $doc->setAttribute("status","placed"); - break; - case ORDER_SENT: - $doc->setAttribute("status","sent"); - break; - case ORDER_CANCELLED: - $doc->setAttribute("status","cancelled"); - break; - case ORDER_RESERVED: - $doc->setAttribute("status","reserved"); - break; - case ORDER_CLOSED: - $doc->setAttribute("status","closed"); - break; - default: - $doc->setAttribute("status","error"); - break; - } - $doc->setAttribute("senttime",$this->senttime); - //add Tickets - $totalprice=0; - global $db; - $res=$db->select("ticket","ticketid","orderid=".$db->escapeInt($this->orderid)); - if($res!==false && count($res)>0) - foreach($res as $tc){ - $tick=new Ticket($tc["ticketid"]); - $tx=$xml->createElement("Ticket"); - $tx->setAttribute("event",$tick->getEventId()); - $tx->setAttribute("id",$tick->getTicketID()); - $tx->setAttribute("price",$tick->getPrice()); - $tx->setAttribute("status",$tick->xmlStatus()); - if($tick->mustBePaid())$totalprice+=$tick->getPrice(); - $doc->appendChild($tx); - } - //add vouchers - 
$res=$db->select("voucher","voucherid,price,value,isused","orderid=".$db->escapeInt($this->orderid)); - if($res!==false && count($res)>0) - foreach($res as $vc){ - $vx=$xml->createElement("Voucher"); - $vx->setAttribute("id",$vc["voucherid"]); - $vx->setAttribute("price",$vc["price"]); - $vx->setAttribute("value",$vc["value"]); - $vx->setAttribute("used",$vc["isused"]?"1":"0"); - $totalprice+=$vc["price"]; - $doc->appendChild($vx); - } - - //add shipping - if($this->shippingtype !== false){ - $sx=$xml->createElement("Shipping"); - $sx->setAttribute("price",$this->shippingcosts); - $sx->setAttribute("type",$this->shippingtype); - $res=$db->select("shipping","*","shipid=".$db->escapeInt($this->shippingtype)); - if($res!==false && count($res)>0){ - $sx->appendChild($xml->createTextNode($res[0]["description"])); - } - $doc->appendChild($sx); - if($this->status==ORDER_PLACED || $this->status==ORDER_SENT || $this->status==ORDER_RESERVED) - $totalprice+=$this->shippingcosts; - } - - //add sum - $doc->setAttribute("totalprice",$totalprice); - - //add static fields - $doc->appendChild($xml->createElement("DeliveryAddress",xq($this->deliveryaddress))); - $doc->appendChild($xml->createElement("Comment",xq($this->comment))); - - //dump - $xml->appendChild($doc); - print($xml->saveXml()); - } - - /**returns the current status of the order*/ - public function getStatus() - { - return $this->status; - } - - /**helper function: returns the total price of the order*/ - public function totalPrice() - { - global $db; - //calculate amount due - $totalprice=0; - $res=$db->select("ticket","ticketid","orderid=".$db->escapeInt($this->orderid)); - if($res!==false && count($res)>0) - foreach($res as $tc){ - $tick=new Ticket($tc["ticketid"]); - if($tick->mustBePaid())$totalprice+=$tick->getPrice(); - } - //add vouchers - $res=$db->select("voucher","price","orderid=".$db->escapeInt($this->orderid)); - if($res!==false && count($res)>0) - foreach($res as $vc){ - $totalprice+=$vc["price"]; - } - 
//add shipping - if($this->status==ORDER_PLACED || $this->status==ORDER_RESERVED || $this->status==ORDER_SENT) - $totalprice+=$this->shippingcosts; - return $totalprice; - } - - /**helper function: returns the amount due to be paid; returns a negative value for refunds*/ - public function amountDue() - { - //compare with what has been paid, return diff - return $this->totalPrice()-$this->amountpaid; - } - - /**returns the amount already paid*/ - public function amountPaid() - { - return $this->amountpaid; - } - - /**helper function: returns whether the order has outstanding payments/refunds*/ - public function getPaymentStatus() - { - $adue=$this->amountDue(); - if($adue==0)return "ok"; - if($adue<0)return "needrefund"; - else return "needpayment"; - } - - /**sets the order to being shipped, returns true on success*/ - public function setShipped($stm=-1) - { - if(!$this->isValid())return false; - if($this->status!=ORDER_PLACED)return false; - global $db; - if($stm<0)$stm=time(); - $this->senttime=$stm; - $db->update("order",array("status"=>ORDER_SENT,"senttime"=>$this->senttime),"orderid=".$db->escapeInt($this->orderid)); - return true; - } - - /**sets the order to being cancelled, returns true on success*/ - public function setCancelled() - { - global $db; - $db->beginTransaction(); - //check validity and status - $res=$db->select("order","status","orderid=".$db->escapeInt($this->orderid)); - if($res===false || count($res)<1){ - $db->rollbackTransaction(); - return false; - } - if($res[0]["status"]!=ORDER_PLACED && $res[0]["status"]!=ORDER_RESERVED){ - $db->rollbackTransaction(); - return false; - } - //TODO: handle orders that have been sent, but are rolled back now - //check tickets - $res=$db->select("ticket","status","orderid=".$db->escapeInt($this->orderid)); - for($i=0;$irollbackTransaction(); - return false; - } - } - //check vouchers - $res=$db->select("voucher","price,isused,value","orderid=".$db->escapeInt($this->orderid)); - 
for($i=0;$irollbackTransaction(); - return false; - } - //propagate to tickets - $db->update("ticket",array("status"=>TICKET_CANCELLED),"orderid=".$db->escapeInt($this->orderid)); - //propagate to vouchers - $db->update("voucher",array("price"=>0,"value"=>0,"isused"=>0),"orderid=".$db->escapeInt($this->orderid)); - //set order to cancelled - $db->update("order",array("status"=>ORDER_CANCELLED,"senttime"=>time()),"orderid=".$db->escapeInt($this->orderid)); - $db->mkLog(array("orderid"=>$this->orderid,"orderdue"=>0,"orderpaid"=>$this->amountpaid),tr("order cancelled")); - $db->commitTransaction(); - return true; - } - - /**creating orders: set a delivery address*/ - public function setDeliveryAddress($da) - { - $this->deliveryaddress=trim($da); - } - - /**creating orders: set comment*/ - public function setComment($cm) - { - $this->comment=trim($cm); - } - - /**change a reservation into an order or sale*/ - public function changeReservation($mode) - { - global $db; - $db->beginTransaction(); - //check current status - $res=$db->select("order","status","orderid=".$db->escapeInt($this->orderid)); - if($res===false || count($res)<1){ - $db->rollbackTransaction(); - return false; - } - if($res[0]["status"]!=ORDER_RESERVED){ - $db->rollbackTransaction(); - return false; - } - //set new status - $due=$this->totalPrice(); - $set=array("status"=>$mode,"amountpaid"=>0); - if($mode==ORDER_SOLD) - $set["amountpaid"]=$due; - $db->update("order",$set,"orderid=".$db->escapeInt($this->orderid)); - $db->mkLog(array("orderid"=>$this->orderid,"orderpaid"=>$set["amountpaid"],"orderdue"=>$due),tr("reservation to order")); - $db->commitTransaction(); - return true; - } -}; - -function createOrderXml($xmldata,$action) -{ - //parse XML data and fill order object - $order=new Order; - $xml=new DomDocument; - $xml->loadXml($xmldata); - $doc=$xml->documentElement; - $cust=$doc->getAttribute("customer")+0; - $order->setCustomerId($cust); - global $session; - 
$canprice=$session->canExecute("changeticketprice"); - //get tickets - foreach($doc->getElementsByTagName("Ticket") as $tc){ - if($canprice){ - $price=trim($tc->getAttribute("price")); - if($price=="" || !is_numeric($price))$price=-1; - else $price=$price+0; - }else $price=-1; - $order->addTicket($tc->getAttribute("event")+0,$price); - } - //get vouchers - foreach($doc->getElementsByTagName("Voucher") as $vc){ - $v=trim($vc->getAttribute("value")); - if($vc->hasAttribute("price")) - $p=trim($vc->getAttribute("price")); - else - $p=false; - $order->addVoucher($v,$p); - } - - //get shipping - foreach($doc->getElementsByTagName("Shipping") as $sp){ - if($sp->hasAttribute("price")) - $p=trim($sp->getAttribute("price")); - else - $p=false; - $t=trim($sp->getAttribute("type")); - $order->setShipping($t,$p); - } - - //get opt. address - foreach($doc->getElementsByTagName("DeliveryAddress") as $da){ - foreach($da->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $order->setDeliveryAddress($cn->wholeText); - } - foreach($doc->getElementsByTagName("Comment") as $da){ - foreach($da->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $order->setComment($cn->wholeText); - } - //get opt. 
comment - //check action - switch($action){ - case "check": - // check order - header("X-MagicSmoke-Status: Ok"); - $order->validateOrder(VALIDATEORDER_XML); - break; - case "order": - // create order - if($order->placeOrder()){ - header("X-MagicSmoke-Status: Ok"); - $order->dumpXml(); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Cannot place order, sorry.")); - } - break; - case "sell": - //create order - if($order->placeOrder(ORDER_SOLD)){ - header("X-MagicSmoke-Status: Ok"); - //finalize sale - $order->dumpXml(); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Cannot place sale, sorry.")); - } - break; - case "reserve": - // create order - if($order->placeOrder(ORDER_RESERVED)){ - header("X-MagicSmoke-Status: Ok"); - $order->dumpXml(); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Cannot place order, sorry.")); - } - break; - default: - header("X-MagicSmoke-Status: Error"); - die(tr("Internal Error: unknown action.")); - } -} - -//returns an overview over all orders -function getOrderListXml($where="") -{ - global $db; - $xml=new DomDocument; - $doc=$xml->createElement("OrderList"); - $res=$db->select("order","orderid,customerid,status,amountpaid,shippingtype,shippingcosts",$where,"ORDER BY orderid DESC"); - foreach($res as $ord){ - $price=0; - //check shipping - if(!$db->isNull($ord["shippingtype"])) - $price+=$ord["shippingcosts"]; - //collect tickets - $tres=$db->select("ticket","price,status","orderid=".$db->escapeInt($ord["orderid"])); - foreach($tres as $tc) - if(($tc["status"]&TICKET_MPAY)!=0) - $price+=$tc["price"]; - //collect vouchers - $tres=$db->select("voucher","price","orderid=".$db->escapeInt($ord["orderid"])); - foreach($tres as $tc) - $price+=$tc["price"]; - //generate XML - $ox=$xml->createElement("Order"); - $ox->setAttribute("id",$ord["orderid"]); - $ox->setAttribute("customer",$ord["customerid"]); - $ox->setAttribute("totalprice",$price); - $ox->setAttribute("paid",$ord["amountpaid"]); - 
switch($ord["status"]){ - case ORDER_PLACED: - $ox->setAttribute("status","placed"); - break; - case ORDER_SENT: - $ox->setAttribute("status","sent"); - break; - case ORDER_CANCELLED: - $ox->setAttribute("status","cancelled"); - break; - case ORDER_RESERVED: - $ox->setAttribute("status","reserved"); - break; - case ORDER_CLOSED: - $ox->setAttribute("status","closed"); - break; - default: - $ox->setAttribute("status","error"); - break; - } - //add to XML - $doc->appendChild($ox); - } - $xml->appendChild($doc); - //output - header("X-MagicSmoke-Status: Ok"); - print($xml->saveXml()); -} - -function getOrderXml($oid) -{ - $order=new Order($oid); - if($order->isValid()){ - header("X-MagicSmoke-Status: Ok"); - $order->dumpXml(); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("No such orderID in database.")); - } -} - -//pay or refund -function orderPayXml($data,$factor) -{ - //split data - $dlst=explode(" ",trim($data)); - if(count($dlst)!=2){ - header("X-MagicSmoke-Status: Error"); - die(tr("Expected 2 arguments.")); - } - //check that order id is int - $oid=$dlst[0]+0; - if(!is_numeric($dlst[0])||$oid<0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Invalid Order ID")." 
$oid $dlst[0]"); - } - //check amount - $amt=round($dlst[1]+0); - if($amt<=0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Expected positive amount.")); - } - //check that order exists - global $db; - $db->beginTransaction(); - $res=$db->select("order","amountpaid,status","orderid=".$db->escapeInt($oid)); - if(count($res)<1){ - $db->rollbackTransaction(); - header("X-MagicSmoke-Status: Error"); - die(tr("Order does not exist.")); - } - //check status - if($res[0]["status"]==ORDER_CLOSED){ - $db->rollbackTransaction(); - header("X-MagicSmoke-Status: Error"); - die(tr("Order cannot be changed, it is closed.")); - } - if($res[0]["status"]==ORDER_RESERVED){ - $db->rollbackTransaction(); - header("X-MagicSmoke-Status: Error"); - die(tr("Order cannot be paid for, it is only a reservation. Order or sell it first!")); - } - //correct DB - $amt2=$res[0]["amountpaid"]+($amt*$factor); - $db->update("order",array("amountpaid"=>$amt2),"orderid=".$db->escapeInt($oid)); - $db->mkLog(array("orderid"=>$oid,"orderpaid"=>$amt2,"moved"=>$amt),$factor>0?tr("payment"):tr("refund")); - $db->commitTransaction(); - //output - header("X-MagicSmoke-Status: Ok"); - echo $amt2; -} - -//mark order as shipped -function orderShippedXml($txt) -{ - $spl=split("\n",$txt); - $oid=trim($spl[0]); - if(!is_numeric($oid)){ - header("X-MagicSmoke-Status: Error"); - die(tr("Order ID must be numeric.")); - } - $oid=$oid+0; - if($oid<0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Order ID is invalid.")); - } - $ord=new Order($oid); - if(!$ord->isValid()){ - header("X-MagicSmoke-Status: Error"); - die(tr("Order ID is invalid.")); - } - //check for date (-1=now) - global $session; - $sd=-1; - if(count($spl)>1 && $session->canExecute("_explicitshipdate")){ - $sd=trim($spl[1]); - if(is_numeric($sd))$sd=$sd+0; - else $sd=-1; - } - //set it - if($ord->setShipped($sd)){ - header("X-MagicSmoke-Status: Ok"); - print($ord->getSentTime()); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Wrong 
state, cannot set order to shipped.")); - } -} - -//mark order as cancelled -function orderCancelXml($oid) -{ - if(!is_numeric($oid)){ - header("X-MagicSmoke-Status: Error"); - die(tr("Order ID must be numeric.")); - } - $oid=$oid+0; - if($oid<0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Order ID is invalid.")); - } - $ord=new Order($oid); - if(!$ord->isValid()){ - header("X-MagicSmoke-Status: Error"); - die(tr("Order ID is invalid.")); - } - if($ord->setCancelled()){ - header("X-MagicSmoke-Status: Ok"); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Wrong state, cannot set order to cancelled.")); - } -} - -//find an order -function orderByTicketXml($ticket) -{ - global $db; - $res=$db->select("ticket","orderid","ticketid=".$db->escapeString($ticket)); - if(count($res)<1){ - //try voucher instead - $res=$db->select("voucher","orderid","voucherid=".$db->escapeString($ticket)); - if(count($res)<1){ - header("X-MagicSmoke-Status: Error"); - die(tr("Ticket or Voucher not found.")); - } - } - if($db->isNull($res[0]["orderid"]) || $res[0]["orderid"]<0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Ticket/Voucher has no order.")); - } - header("X-MagicSmoke-Status: Ok"); - echo $res[0]["orderid"]; -} - -//find an order -function orderByEventXml($events) -{ - global $db; - //collate eventids - $eids=""; - foreach(explode(" ",$events) as $eid){ - $eid=trim($eid); - if($eid=="")continue; - if($eids!="")$eids.=","; - $eids.=$db->escapeInt($eid); - } - if($eids==""){ - header("X-MagicSmoke-Status: Ok"); - echo " "; - return; - } - //find orders - $res=$db->select("ticket","orderid","eventid IN (".$eids.")"); - $oar=array(); - $olst=""; - for($i=0;$i "; - }else{ - getOrderListXml("orderid IN (".$olst.")"); - } -} - -//change the comment on an order -function setOrderCommentXml($txt) -{ - //parse XML data - $xml=new DomDocument; - $xml->loadXml($txt); - $doc=$xml->documentElement; - $oid=$doc->getAttribute("orderid")+0; - $comment=""; - 
foreach($doc->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $comment=$cn->wholeText; - //set comment - global $db; - $db->beginTransaction(); - $upcnt=$db->update("order",array("comments"=>$comment),"orderid=".$db->escapeInt($oid)); - $db->commitTransaction(); - if($upcnt!==false) - header("X-MagicSmoke-Status: Ok"); - else{ - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to update order comment."); - } -} - -//change the shipping method on an order -function setOrderShippingXml($txt) -{ - //parse XML data - $xml=new DomDocument; - $xml->loadXml($txt); - $doc=$xml->documentElement; - $oid=$doc->getAttribute("orderid")+0; - if($doc->hasAttribute("type")) - $type=$doc->getAttribute("type"); - else - $type=false; - if($doc->hasAttribute("price")) - $price=$doc->getAttribute("price"); - else - $price=false; - //set shipping - global $db; - global $session; - $db->beginTransaction(); - $res=$db->select("order","status","orderid=".$oid); - if($res===false || count($res)<1){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid Order."); - $db->rollbackTransaction(); - return; - } - //TODO: check order status (define rules first) - if($type===false){ - //remove shipping - $db->update("order",array("shippingtype"=>false,"shippingcosts"=>0),"orderid=".$db->escapeInt($oid)); - }else{ - //set a shipping option - $ship=$db->select("shipping","cost","shipid=".$db->escapeInt($type)); - if($ship===false || count($ship)<1){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid Shipping Method."); - $db->rollbackTransaction(); - return; - } - //check price - if($price===false || !$session->canExecute("_repriceshipping")) - $price=$ship[0]["cost"]; - $db->update("order",array("shippingtype"=>$type,"shippingcosts"=>$price),"orderid=".$db->escapeInt($oid)); - } - $db->commitTransaction(); - //dump order object - $ord=new Order($oid); - $db->mkLog(array("orderid"=>$oid,"orderpaid"=>$ord->amountPaid(),"orderdue"=>$ord->totalPrice()),tr("shipping changed")); 
- header("X-MagicSmoke-Status: Ok"); - $ord->dumpXml(); -} - -//get shipping list -function getShippingXml() -{ - $xml=new DomDocument; - $root=$xml->createElement("ShippingList"); - global $db,$session; - $res=$db->select("shipping","*",""); - $all=$session->canExecute("setshipping")||$session->canExecute("_anyshipping"); - if($res!==false && count($res)>0) - foreach($res as $sh){ - if(!$sh["canallusers"] && !$all)continue; - $sx=$xml->createElement("ShippingOption"); - $sx->setAttribute("type",$sh["shipid"]); - $sx->setAttribute("price",$sh["cost"]); - $sx->setAttribute("web",$sh["canuseweb"]?"1":"0"); - $sx->setAttribute("anyUser",$sh["canallusers"]?"1":"0"); - $sx->appendChild($xml->createTextNode($sh["description"])); - $root->appendChild($sx); - } - $xml->appendChild($root); - header("X-MagicSmoke-Status: Ok"); - print($xml->saveXml()); -} - -//implement set shipping info -function setShippingXml($txt) -{ - //parse XML data - $xml=new DomDocument; - $xml->loadXml($txt); - $doc=$xml->documentElement; - if($doc->hasAttribute("type")) - $type=$doc->getAttribute("type")+0; - else - $type=false; - $price=$doc->getAttribute("price")+0; - if($price<0)$price=0; - $web=$doc->getAttribute("web")+0; - $any=$doc->getAttribute("anyUser")+0; - $dsc=""; - foreach($doc->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $dsc=$cn->wholeText; - //change/create - global $db; - if($type===false){ - $type=$db->insert("shipping",array("cost" => $price, "canuseweb" => $web?1:0, - "canallusers" => $any?1:0, "description" => $dsc)); - if($type===false){ - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to create new shipping method."); - return; - } - }else{ - $succ=$db->update("shipping",array("cost" => $price, "canuseweb" => $web?1:0, - "canallusers" => $any?1:0, "description" => $dsc), - "shipid=".$db->escapeInt($type)); - if($succ===false || $succ<1){ - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to change shipping method."); - return; - } - } - 
header("X-MagicSmoke-Status: Ok"); - echo $type; -} -//delete shipping info -function deleteShippingXml($sid) -{ - global $db; - if(!is_numeric($sid)){ - header("X-MagicSmoke-Status: Error"); - echo tr("Expected a numeric shipping ID."); - } - $r=$db->deleteRows("shipping","shipid=".$db->escapeInt($sid)); - if($r==false || $r<1){ - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to delete shipping method."); - return; - } - header("X-MagicSmoke-Status: Ok"); -} - -function changeReservationXml($oid,$mode) -{ - $ord=new Order($oid); - if(!$ord->isValid()){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid Order."); - return; - } - if($ord->changeReservation($mode)){ - header("X-MagicSmoke-Status: Ok"); - }else{ - header("X-MagicSmoke-Status: Error"); - echo tr("Cannot change order from reservation."); - return; - } - -} - -function cent2str($c) -{ - $r=floor($c/100)."."; - $c="".$c%100; - if(strlen($c)<2)$c="0".$c; - return $r.$c; -} - -function moneylogXml($data) -{ - //split/validate data - $splt=explode("\n",$data); - if(count($splt)<2){ - header("X-MagicSmoke-Status: Error"); - echo tr("Expected 2 arguments: query type and ID."); - return; - } - //formulate query - global $db; - $query=""; - switch(trim($splt[0])){ - case "order": - $query="orderid=".$db->escapeInt(trim($splt[1])); - break; - case "voucher": - $query="voucherid=".$db->escapeString(trim($splt[1])); - break; - case "user": - $query="uname=".$db->escapeString(trim($splt[1])); - break; - } - if($query==""){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid Query Type."); - return; - } - //query and print - header("X-MagicSmoke-Status: Ok"); - $res=$db->select("moneylog","*",$query); - foreach($res as $row){ - print(date(DATE_W3C,$row["logtime"])." ".$row["log"]." 
by ".$row["uname"]); - if(!$db->isNull($row["orderid"])) - print(", order ".$row["orderid"]); - if(!$db->isNull($row["voucherid"])) - print(", voucher ".$row["voucherid"]); - if(!$db->isNull($row["moved"])) - print(", money moved ".cent2str($row["moved"])); - if(!$db->isNull($row["orderpaid"])) - print(", now paid for order ".cent2str($row["orderpaid"])); - if(!$db->isNull($row["orderdue"])) - print(", total price of order ".cent2str($row["orderdue"])); - if(!$db->isNull($row["vouchervalue"])) - print(", remaining value of voucher ".cent2str($row["vouchervalue"])); - print("\n"); - } -} - -?> \ No newline at end of file diff --git a/www/inc/classes/parser.php b/www/inc/classes/parser.php deleted file mode 100644 index beda639..0000000 --- a/www/inc/classes/parser.php +++ /dev/null 
@@ -1,197 +0,0 @@ -cont=$c; - reset($this->cont); - } - /**return next line from array until end is reached*/ - public function getLine() - { - $r=current($this->cont); - next($this->cont); - return $r; - } -} - -/**Parser class: see syntax docu for details*/ -class Parser -{ - private $vars=array(); - - /**create parser object, initialize its internal state with optional file*/ - public function __construct($fname="") - { - global $_SERVER; - $this->vars["SCRIPT"]=$_SERVER['SCRIPT_NAME']; - $this->vars["FULLURL"]=$_SERVER['REQUEST_URI']; - if($fname!="") - $this->parseFile($fname); - } - /**parse a file, return parser-result*/ - public function parseFile($fname) - { - global $template; - $cont=file_get_contents($template.$fname); - return $this->parse($cont); - } - /**parse a string, return parser-result*/ - public function parse($str) - { - $cont=explode("\n",str_replace("\r","",$str)); - $help=new PHelper($cont); - return $this->parseNormal($help); - } - /**set an internal variable*/ - public function setVar($vname,$vval) - { - $this->vars[$vname]=$vval; - } - /**set several internal variables array(variablename=>value)*/ - public function setVars(array $vs) - { - reset($vs); - foreach($vs as $k => $v) - $this->vars[$k]=$v; - } - /**unset a variable*/ - public function unsetVar($vname) - { - if(isset($this->vars[$vname])) - unset($this->vars[$vname]); - } - /**get value of a variable (returns false if variable does not exist)*/ - public function getVar($vname) - { - if(isset($this->vars[$vname])) - return $this->vars[$vname]; - else - return false; - } - /**returns true if variable exists*/ - public function haveVar($vname) - { - return isset($this->vars[$vname]); - } - - /**internal: used by parse to load data*/ - protected function parseNormal($help) - { - $out=""; - while(1){ - //get next line - $line=$help->getLine(); - //exit if file end has been reached - if($line===false)return $out; - //check whether this is a special statement - 
if(strncmp("#if:",$line,4)==0)$out.=$this->parseIf($help,$line);else - if(strncmp("#set:",$line,5)==0)$out.=$this->parseSet($help,$line); - else $out.=$this->parseLine($line); - } - } - /**internal: replace variables on a line*/ - protected function parseLine($line) - { - $ak=array(); - $av=array(); - foreach($this->vars as $k => $v){ - $ak[]="@".$k."@"; - $av[]=$v; - } - return str_replace($ak,$av,$line)."\n"; - } - /**internal: handle an \#if statement*/ - protected function parseIf($help,$line) - { - //parse if-line - $reg=array(); - if(ereg("^#if:([a-zA-Z0-9_]+)[ \t]*([=<>!]+)(.*)$",trim($line),$reg)===false) - return "(erroneous #if line found)\n"; - //check variable exists - $doout=isset($this->vars[$reg[1]]); - //do comparison - if($doout){ - $v=trim($this->vars[$reg[1]]); - $c=trim($reg[3]); - switch($reg[2]){ - case "==":case "=":$doout= $v == $c;break; - case "<":$doout = $v < $c;break; - case "<=":$doout = $v <= $c;break; - case ">":$doout = $v > $c;break; - case ">=":$doout = $v >= $c;break; - case "!=":case "<>":$doout = $v != $c;break; - default: $doout=false; - } - } - //parse till #endif - if($doout){ - $out=""; - //handle content normally until endif is found, then return - while(1){ - $line=$help->getLine(); - if($line===false)return $out; - if(strncmp("#if:",$line,4)==0)$out.=$this->parseIf($help,$line);else - if(strncmp("#set:",$line,5)==0)$out.=$this->parseSet($help,$line);else - if(strncmp("#endif",$line,6)==0)return $out; - else $out.=$this->parseLine($line); - } - }else{ - $ifc=1; - //ignore everything until corresponding endif is found - //#if needs to be handled specially, since parseIf is not - // called recursively here - while(1){ - $line=$help->getLine(); - //last line already? - if($line===false)return ""; - //handle if and endif - if(strncmp("#if:",$line,4)==0)$ifc+=1;else - if(strncmp("#endif",$line,6)==0)$ifc-=1; - //found corresponding endif? 
- if($ifc<=0)return ""; - //ignore remainder - } - } - } - /**internal: handle \#set statement*/ - protected function parseSet($help,$line) - { - //parse set-line - $reg=array(); - if(ereg("^#set:([a-zA-Z0-9_]+)((:)|(=(.*)))$",trim($line),$reg)===false) - return "(erroneous #set line found)\n"; - //check type - $vname=$reg[1]; - $var=""; - if($reg[3]==":"){ - //syntax: #set:var:\nvalue...\n#endset - //parse till #endset - $setcnt=1; - while(1){ - $line=$help->getLine(); - //handle set/unset statements pseudo-recursively - if(strncmp("#set:",$line,5)==0)$setcnt+=1;else - if(strncmp("#endset",$line,7)==0)$setcnt-=1; - //corresponding endset found? - if($setcnt<=0)break; - //add content to variable - $var.=$line."\n"; - } - }else{ - //syntax: #set:var=value - //get value directly - $var=$reg[5]; - } - //set variable - $this->setVar(trim($vname),trim($var)); - //go back (set creates no visible output) - return ""; - } -}; - - -?> \ No newline at end of file diff --git a/www/inc/classes/room.php b/www/inc/classes/room.php deleted file mode 100644 index aa178c1..0000000 --- a/www/inc/classes/room.php +++ /dev/null 
@@ -1,84 +0,0 @@ -, (C) 2007 -// -// Copyright: See README/COPYING files that come with this distribution -// -// - -//TODO: implement: -class Room -{ - public function __construct($roomid){} - public function exists(){return false;} - -}; - -function getRoomsXml($xmldata) -{ - global $db; - //TODO: check xml data - //return rooms - $res=$db->select("room","roomid,capacity,description",""); - $xml=new DOMDocument; - $root=$xml->createElement("RoomData"); - if(count($res)>0) - foreach($res as $k => $rm){ - $room=$xml->createElement("Room"); - $room->setAttribute("capacity",$rm["capacity"]); - $id=$xml->createElement("ID",$rm["roomid"]); - $room->appendChild($id); - $des=$xml->createElement("Description",xq($rm["description"])); - $room->appendChild($des); - $root->appendChild($room); - } - $xml->appendChild($root); - header("X-MagicSmoke-Status: Ok"); - print($xml->saveXML()); -} - -function setRoomsXml($xmldata) -{ - //TODO:do more extensive syntax checking and better error reporting - //get XML - $xml=new DOMDocument; - if($xml->loadXML($xmldata)===false){ - header("X-MagicSmoke-Status: SyntaxError"); - echo "Unable to parse XML."; - return; - } - //stage 2: extract data from XML - $doc=$xml->documentElement; - global $db; - foreach($doc->getElementsByTagName("Room") as $room){ - //get data - $cap=$room->getAttribute("capacity")+0; - $id=false; - $descr=false; - foreach($room->getElementsByTagName("ID") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $id=trim($cn->wholeText); - foreach($room->getElementsByTagName("Description") as $el) - foreach($el->childNodes as $cn) - if($cn->nodeType==XML_TEXT_NODE) - $descr=trim($cn->wholeText); - if($id===false)continue; - $db->beginTransaction(); - $res=$db->select("room","roomid","roomid=".$db->escapeString($id)); - if(count($res)>0){ - $db->update("room",array("capacity"=>$cap,"description"=>$descr),"roomid=".$db->escapeString($id)); - }else{ - 
$db->insert("room",array("roomid"=>$id,"capacity"=>$cap,"description"=>$descr)); - } - $db->commitTransaction(); - } - header("X-MagicSmoke-Status: Ok"); -} - -?> \ No newline at end of file diff --git a/www/inc/classes/ticket.php b/www/inc/classes/ticket.php deleted file mode 100644 index 024c16f..0000000 --- a/www/inc/classes/ticket.php +++ /dev/null 
@@ -1,304 +0,0 @@ -, (C) 2007 -// -// Copyright: See README/COPYING files that come with this distribution -// -// - -/* TRANSLATOR php:: */ - -//masks -/**mask: ticket is blocked (is blocking a seat)*/ -define("TICKET_MBLOCK",0x100); //dec: 256 -/**mask: ticket must be paid or is paid*/ -define("TICKET_MPAY",0x200); //dec: 512 -/**mask: ticket is usable by a customer (blocking plus (to be) paid)*/ -define("TICKET_USABLE",0x300); //dec: 768 - - -/**ticket has been reserved by a seller*/ -define("TICKET_RESERVED",0x301); //dec: 769 -/**ticket is part of an order or has been sold independently*/ -define("TICKET_BOUGHT",0x302); //dec: 770 -/**ticket has been used*/ -define("TICKET_USED",0x303); //dec: 771 -/**ticket has been cancelled by some entity*/ -define("TICKET_CANCELLED",0x4); //dec: 4 -/**ticket has been refunded*/ -define("TICKET_REFUND",0x4); //dec: 4 - -class Ticket -{ - private $ticketid=false; - private $eventid=false; - private $price=false; - private $status=false; - private $reservedby=false; - private $reservetimeout=false; - private $orderid=false; - - private static $NumTicketChars=false; - - /**generates a ticket, if $ticketid is false it creates an empty ticket, if it is a string it attempts to find it in the database*/ - public function __construct($ticketid=false) - { - global $db; - if(self::$NumTicketChars===false){ - self::$NumTicketChars=$db->getConfig("TicketIDChars")+0; - if(self::$NumTicketChars<=5)self::$NumTicketChars=10; - } - if($ticketid!==false){ - $res=$db->select("ticket","*","ticketid=".$db->escapeString(strtoupper($ticketid))); - if(count($res)<1)return; - $this->ticketid=strtoupper($ticketid); - $this->eventid=$res[0]["eventid"]; - $this->price=$res[0]["price"]; - $this->status=$res[0]["status"]; - $this->reservedby=$res[0]["reservedby"]; - $this->reservetimeout=$res[0]["reservetimeout"]; - $this->orderid=$res[0]["orderid"]; - } - } - - /**returns whether this is a valid DB object*/ - public function isValid() - { - return 
$this->ticketid!==false; - } - - /**returns the ID of the ticket*/ - public function getTicketId() - { - return $this->ticketid; - } - - /**returns the ID of the event*/ - public function getEventId() - { - return $this->eventid; - } - - /**returns the price of the ticket*/ - public function getPrice() - { - return $this->price; - } - - /**overwrites the price stored in this object (used by order before the ticket is stored to the DB)*/ - public function setPrice($p) - { - $this->price=$p; - } - - /**returns the ticket status*/ - public function getStatus() - { - return $this->status; - } - - /**returns the ticket status for XML output*/ - public function xmlStatus() - { - switch($this->status){ - case TICKET_RESERVED: - return "reserved"; - case TICKET_BOUGHT: - return "bought"; - case TICKET_USED: - return "used"; - case TICKET_CANCELLED: - return "refund"; - default: - return "error"; - } - } - - /**returns whether the ticket must be paid (or is already paid)*/ - public function mustBePaid() - { - return ($this->status & TICKET_MBLOCK) != 0; - } - - /**sets the event and copies the price from it; returns true on success*/ - public function setEventId($e) - { - global $db; - //find event - $res=$db->select("event","defaultprice","eventid=".$db->escapeInt($e)); - if(count($res)<1)return false; - $this->eventid=$e+0; - $this->price=$res[0]["defaultprice"]; - } - - /**sets the event and copies the price from it; returns true on success*/ - public function setEvent($e) - { - return $this->setEventID($e->getEventId()); - } - - /**creates the ticket in the database and adds it to the order; expects orderid as argument; returns false if it fails; it may fail if the event has not been set*/ - public function addToOrder($o) - { - global $db; - //sanity checks - if($this->ticketid!==false)return false; - if($this->eventid===false)return false; - //generate ticket ID - $db->beginTransaction(); - do{ - $tid=getCode39ID(self::$NumTicketChars,RND_TICKET); - 
$res=$db->select("ticket","ticketid","ticketid=".$db->escapeString($tid)); - if(count($res)==0)break; - }while(true); - //create entry - $res=$db->insert("ticket",array("ticketid"=>$tid,"eventid"=>$this->eventid, "price"=>$this->price,"status"=>TICKET_BOUGHT,"orderid"=>$o)); - if($res===false){ - $db->rollbackTransaction(); - return false; - } - $db->commitTransaction(); - $this->ticketid=$tid; - $this->status=TICKET_BOUGHT; - $this->orderid=$o; - return true; - } - - /**dumps the ticket as XML*/ - public function dumpXml() - { - $xml=new DomDocument; - $doc=$xml->createElement("Ticket"); - $doc->setAttribute("id",$this->ticketid); - $doc->setAttribute("status",$this->xmlStatus()); - $doc->setAttribute("order",$this->orderid); - $doc->setAttribute("event",$this->eventid); - $doc->setAttribute("price",$this->price); - $doc->setAttribute("orderpaystate",$this->orderPayStateXml()); - $xml->appendChild($doc); - print($xml->saveXml()); - } - - /**helper: gets the status of the order for dumpXml*/ - protected function orderPayStateXml() - { - if($this->orderid<0)return "none"; - $ord=new Order($this->orderid); - if(!$ord->isValid())return "none"; - if($ord->getStatus()==ORDER_CLOSED)return "ok"; - if($ord->getStatus()==ORDER_CANCELLED)return "cancelled"; - return $ord->getPaymentStatus(); - } - - /**tries to mark the ticket as used*/ - public function markUsedXml() - { - if(!$this->isValid()){ - header("X-MagicSmoke-Status: Error"); - die(tr("The ticket is not valid.")); - } - if($this->status==TICKET_USED){ - header("X-MagicSmoke-Status: Error"); - die(tr("The ticket has already been used.")); - } - if($this->status!=TICKET_BOUGHT){ - header("X-MagicSmoke-Status: Error"); - die(tr("The ticket has not been bought or is cancelled.")); - } - $ps=$this->orderPayStateXml(); - if($ps=="needpayment"){ - header("X-MagicSmoke-Status: Error"); - die(tr("The ticket has not been paid.")); - } - if($ps!="ok" && $ps!="needrefund"){ - header("X-MagicSmoke-Status: Error"); - 
die(tr("The tickets order is in an invalid state or does not exist.")); - } - $this->status=TICKET_USED; - global $db; - $db->update("ticket",array("status"=>TICKET_USED),"ticketid=".$db->escapeString($this->ticketid)); - } -}; - -function getTicketXml($tid) -{ - $tick=new Ticket($tid); - if($tick->isValid()){ - header("X-MagicSmoke-Status: Ok"); - $tick->dumpXml(); - }else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Unable to find this ticket.")); - } -} - -function useTicketXml($tid) -{ - $tick=new Ticket($tid); - if($tick->isValid()) - $tick->markUsedXml(); - else{ - header("X-MagicSmoke-Status: Error"); - die(tr("Unable to find this ticket.")); - } -} - -function changeTicketPriceXml($data) -{ - //split - $lst=explode("\n",$data); - if(count($lst)!=2){ - header("X-MagicSmoke-Status: Error"); - die(tr("Malformed request.")); - } - //check price - if(!is_numeric(trim($lst[1]))){ - header("X-MagicSmoke-Status: Error"); - die(tr("Price must be a number.")); - } - $prc=trim($lst[1])+0; - if($prc<0){ - header("X-MagicSmoke-Status: Error"); - die(tr("Price must be positive.")); - } - //get ticket - global $db; - $db->beginTransaction(); - $res=$db->select("ticket","ticketid","ticketid=".$db->escapeString(trim($lst[0]))); - if(count($res)<1){ - $db->rollbackTransaction(); - header("X-MagicSmoke-Status: Error"); - die(tr("Unable to find this ticket.")); - } - $db->update("ticket",array("price"=>$prc),"ticketid=".$db->escapeString(trim($lst[0]))); - $db->commitTransaction(); - header("X-MagicSmoke-Status: Ok"); -} - -function ticketReturnXml($tid) -{ - //get ticket - global $db; - $db->beginTransaction(); - $res=$db->select("ticket","ticketid,status","ticketid=".$db->escapeString($tid)); - if(count($res)<1){ - $db->rollbackTransaction(); - header("X-MagicSmoke-Status: Error"); - die(tr("Unable to find this ticket.")); - } - if($res[0]["status"]!=TICKET_BOUGHT && $res[0]["status"]!=TICKET_RESERVED){ - $db->rollbackTransaction(); - header("X-MagicSmoke-Status: 
Error"); - die(tr("Ticket cannot be returned.")); - } - $db->update("ticket",array("status"=>TICKET_CANCELLED),"ticketid=".$db->escapeString($tid)); - $db->commitTransaction(); - header("X-MagicSmoke-Status: Ok"); -} - -?> \ No newline at end of file diff --git a/www/inc/classes/voucher.php b/www/inc/classes/voucher.php deleted file mode 100644 index 376b5bb..0000000 --- a/www/inc/classes/voucher.php +++ /dev/null 
@@ -1,378 +0,0 @@ -, (C) 2008 -// -// Copyright: See README/COPYING files that come with this distribution -// -// - -/* TRANSLATOR php:: */ - -class Voucher -{ - private $voucherid=false; - private $orderid=false; - private $price=false; - private $value=false; - private $isused=false; - - private static $NumVoucherChars=false; - - /**create a new voucher: with id from DB or for later creation*/ - public function __construct($voucherid=false) - { - global $db; - if(self::$NumVoucherChars===false){ - self::$NumVoucherChars=$db->getConfig("VoucherIDChars")+0; - if(self::$NumVoucherChars<=5)self::$NumVoucherChars=10; - } - if($voucherid!==false){ - $res=$db->select("voucher","*","voucherid=".$db->escapeString($voucherid)); - if($res===false || count($res)<1)return; - $this->voucherid=$res[0]["voucherid"]; - $this->orderid=$res[0]["orderid"]; - $this->price=$res[0]["price"]; - $this->value=$res[0]["value"]; - $this->isused=$res[0]["isused"]; - } - } - - /**return whether this voucher has an equivalent in the DB*/ - public function isValid() - { - return $this->voucherid!==false; - } - - /**returns the remaining value in cent*/ - public function remainingValue() - { - return $this->value; - } - - /**returns the price of the voucher*/ - public function price() - { - return $this->price; - } - - /**returns the ID of the order this voucher belongs to*/ - public function orderID() - { - return $this->orderid; - } - - /**returns whether the voucher is cancelled*/ - public function isCancelled() - { - return $this->price==0 && $this->value==0; - } - - /**returns whether the voucher has already been used*/ - public function isUsed() - { - return $this->isused; - } - - /**returns whether the voucher can be cancelled*/ - public function canCancel() - { - if($this->isCancelled())return true; - if(!$this->isUsed())return true; - return false; - } - - /**returns whether the voucher can be forcefully emptied*/ - public function canEmpty() - { - return !$this->isCancelled(); - } - - 
/**returns whether the voucher can pay for anything*/ - public function canPay() - { - return $this->value!=0; - } - - /**actually cancel the voucher (does all checks again); returns true on success*/ - public function cancelVoucher() - { - if(!isValid())return false; - global $db; - $db->beginTransaction(); - //recheck - $res=$db->select("voucher","*","voucherid=".$db->escapeString($this->voucherid)); - if($res===false || count($res)<1){ - $db->rollbackTransaction(); - return false; - } - //is it non-cancelled and used? - if(($res[0]["price"]!=0 || $res[0]["value"]!=0) && $res[0]["isused"]){ - $db->rollbackTransaction(); - return false; - } - //overwrite - $db->update("voucher",array("price"=>0,"value"=>0,"isused"=>0),"voucherid=".$db->escapeString($this->voucherid)); - $db->mkLog(array("voucherid"=>$this->voucherid, "vouchervalue"=>0),tr("cancel voucher")); - $db->commitTransaction(); - return true; - } - - /**actually empty a voucher*/ - public function emptyVoucher() - { - //sanity check - if(!$this->isValid())return; - if(!$this->canEmpty())return; - //now do the deed - global $db; - $db->update("voucher",array("value"=>0,"isused"=>1),"voucherid=".$db->escapeString($this->voucherid)); - $db->mkLog(array("voucherid"=>$this->voucherid, "vouchervalue"=>0),tr("empty voucher")); - } - - /**create the voucher in the database; returns false on failue*/ - public function addToOrder($orderid,$price,$value) - { - //since this is called from Order only, we assume orderid to be correct - //sanity check (should not fail, since Order also checks) - if($price<0 || $value<=0)return false; - //create a new ID - global $db; - $db->beginTransaction(); - do{ - $vid=getCode39ID(self::$NumVoucherChars,RND_VOUCHER); - $res=$db->select("voucher","voucherid","voucherid=".$db->escapeString($vid)); - if(count($res)==0)break; - }while(true); - //create entry - $res=$db->insert("voucher",array("voucherid"=>$vid,"price"=>$price,"value"=>$value,"isused"=>0,"orderid"=>$orderid)); - 
if($res===false){ - $db->rollbackTransaction(); - return false; - } - $db->mkLog(array("voucherid"=>$vid, "vouchervalue"=>$value, "orderid"=>$orderid),tr("create voucher")); - $db->commitTransaction(); - $this->voucherid=$vid; - $this->orderid=$orderid; - $this->price=$price+0; - $this->value=$value+0; - $this->isused=false; - return true; -} - - /**use the voucher to pay for an order; return true on success*/ - public function payForOrder($orderid) - { - //pre-check - if(!$this->isValid() || !$this->canPay())return false; - //now go to the DB - global $db; - $db->beginTransaction(); - //get voucher data and recheck - $vres=$db->select("voucher","*","voucherid=".$db->escapeString($this->voucherid)); - if($vres===false || count($vres)<1){ - $db->rollbackTransaction(); - return false; - } - if($vres[0]["value"]<=0){ - $db->rollbackTransaction(); - return false; - } - //get my own order status - $myord=new Order($this->orderid); - if(!$myord->isValid()){ - $db->rollbackTransaction(); - return false; - } - $ps=$myord->getPaymentStatus(); - if($ps!="needrefund" && $ps!="ok"){ - $db->rollbackTransaction(); - return false; - } - //get the target order data - $ord=new Order($orderid); - if(!$ord->isValid()){ - $db->rollbackTransaction(); - return false; - } - $adue=$ord->amountDue(); - if($adue<=0){ - $db->rollbackTransaction(); - return false; - } - //get amount to swap - $pay=$vres[0]["value"]; - if($adue<$pay)$pay=$adue; - //store corrected voucher - $this->value=$vres[0]["value"]-$pay; - $b=$db->update("voucher",array("value"=>$this->value,"isused"=>1),"voucherid=".$db->escapeString($this->voucherid))!==false; - //store corrected order - $a=$ord->amountPaid()+$pay; - $b&=$db->update("order",array("amountpaid"=>$a),"orderid=".$db->escapeInt($orderid))!==false; - //if anything went wrong: roll back - if(!$b){ - $db->rollbackTransaction(); - return false; - } - 
$db->mkLog(array("voucherid"=>$this->voucherid,"orderid"=>$orderid,"orderdue"=>$adue,"orderpaid"=>$a,"vouchervalue"=>$this->value,"moved"=>$pay),tr("pay with voucher")); - //whoo. got it! - $db->commitTransaction(); - return true; - } - - /**use the voucher to pay for something not in the system; return true on success*/ - public function payForOutside($amount) - { - //pre-check - if(!$this->isValid() || !$this->canPay())return false; - if($amount < 0)return false; - //now go to the DB - global $db; - $db->beginTransaction(); - //get voucher data and recheck - $vres=$db->select("voucher","*","voucherid=".$db->escapeString($this->voucherid)); - if($vres===false || count($vres)<1){ - $db->rollbackTransaction(); - return false; - } - if($vres[0]["value"]<=0){ - $db->rollbackTransaction(); - return false; - } - //get amount to swap - $pay=$vres[0]["value"]; - if($amount<$pay)$pay=$amount; - //store corrected voucher - $this->value=$vres[0]["value"]-$pay; - $b=$db->update("voucher",array("value"=>$this->value,"isused"=>1),"voucherid=".$db->escapeString($this->voucherid))!==false; - //if anything went wrong: roll back - if(!$b){ - $db->rollbackTransaction(); - return false; - } - $db->mkLog(array("voucherid"=>$this->voucherid,"vouchervalue"=>$this->value,"moved"=>$pay),tr("pay with voucher outside system")); - //whoo. got it! 
- $db->commitTransaction(); - return true; - } - - /**dumps the XML representation of the voucher*/ - function dumpXml() - { - $xml=new DomDocument; - $doc=$xml->createElement("Voucher"); - $doc->setAttribute("id",$this->voucherid); - $doc->setAttribute("price",$this->price); - $doc->setAttribute("value",$this->value); - $doc->setAttribute("used",$this->isused?"1":"0"); - $xml->appendChild($doc); - print($xml->saveXml()); - } -}; - -function getVoucherPricesXml() -{ - global $db; - header("X-MagicSmoke-Status: Ok"); - $r=$db->getConfig("ValidVouchers"); - if($r!==false)print($r); -} - -function cancelVoucherXml($vid) -{ - $vc=new Voucher($vid); - if($vc->isValid() && $vc->canCancel()){ - if($vc->cancelVoucher()){ - header("X-MagicSmoke-Status: Ok"); - return; - } - } - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to cancel voucher."); -} - -function emptyVoucherXml($vid) -{ - $vc=new Voucher($vid); - if(!$vc->isValid()){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid voucher, cannot empty it."); - return; - } - header("X-MagicSmoke-Status: Ok"); - $vc->emptyVoucher(); -} - -function useVoucherXml($txt) -{ - //split data - $splt=explode("\n",$txt); - if(count($splt)<2){ - header("X-MagicSmoke-Status: SyntaxError"); - echo tr("Expected two arguments: voucher id and order id."); - return; - } - $vc=new Voucher(trim($splt[0])); - if(!$vc->isValid()){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid voucher id."); - return; - } - if($vc->payForOrder(trim($splt[1]))){ - header("X-MagicSmoke-Status: Ok"); - print($vc->remainingValue()."\n"); - global $db; - $res=$db->select("order","amountpaid","orderid=".$db->escapeInt(trim($splt[1]))); - if(count($res)>0) - print($res[0]["amountpaid"]); - }else{ - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to process payment via voucher."); - } -} - -function useVoucher2Xml($txt) -{ - //split data - $splt=explode("\n",$txt); - if(count($splt)<2){ - header("X-MagicSmoke-Status: SyntaxError"); 
- echo tr("Expected two arguments: voucher id and amount to deduct."); - return; - } - $vc=new Voucher(trim($splt[0])); - if(!$vc->isValid()){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid voucher id."); - return; - } - $val=$vc->remainingValue(); - if($vc->payForOutside(trim($splt[1])+0)){ - header("X-MagicSmoke-Status: Ok"); - $val2=$vc->remainingValue(); - print(($val-$val2)."\n".$val2); - }else{ - header("X-MagicSmoke-Status: Error"); - echo tr("Unable to process payment via voucher."); - } -} - -function getVoucherXml($vid) -{ - $vc=new Voucher($vid); - if(!$vc->isValid()){ - header("X-MagicSmoke-Status: Error"); - echo tr("Invalid voucher ID."); - return; - } - header("X-MagicSmoke-Status: Ok"); - $vc->dumpXml(); -} - - - -?> \ No newline at end of file diff --git a/www/inc/global_variables.php b/www/inc/global_variables.php index 73453e7..0a5d5f4 100644 --- a/www/inc/global_variables.php +++ b/www/inc/global_variables.php @@ -15,6 +15,5 @@ define("COOKIE_LANGUAGE", "ms_lang"); $lang = LanguageManager::singleton(); $error = ErrorManager::singleton(); -$parser = new Parser(); ?> diff --git a/www/inc/loader.php b/www/inc/loader.php index 00a6026..e6039f8 100644 --- a/www/inc/loader.php +++ b/www/inc/loader.php @@ -8,6 +8,7 @@ include('./inc/db/autoload.php'); include('./config.php'); //try to connect $db->tryConnect(); -//move on in loader_nonadmin.php (or admin.php) +//make machine interface available (also used indirectly by index.php) include("./inc/machine/autoload.php"); +//move on in loader_nonadmin.php (or admin.php) ?> \ No newline at end of file diff --git a/www/inc/rendering/event_listing.php b/www/inc/rendering/event_listing.php index 1de0682..7a0c1a8 100644 --- a/www/inc/rendering/event_listing.php +++ b/www/inc/rendering/event_listing.php 
@@ -16,23 +16,25 @@ class EventRender { /** creates an list of events */ public static function createEventList() { - global $parser; + global $twig,$basevars,$session; //pass 1: get layout of single event - $p=new Parser("index.html"); - $list=""; - $eventTmpl=$p->getVar("EVENT"); + $p=$twig->loadTemplate("index.html"); + $list=$basevars; $trn=WTrGetAllEvents::execute(); $events = $trn->resultevents(); - foreach ($events as $event) - { - $p->setVars($event->getParserData()); - $list .= $p->parse($eventTmpl); + $now=time(); + foreach ($events as $event){ + //only show current events + if($event->getstart()<=$now)continue; + //only show those available via web + if(!$session->checkFlags($event->getflags()))continue; + //encode as array + $list['events'][]=$event->getParserData(); } //pass 2: create page - $p->setVar("LIST",$list); - $parser->setVar("PAGE",$p->parseFile("index.html")); + return $p->render($list); } /** creates the details of an event */ diff --git a/www/inc/wext/event.php b/www/inc/wext/event.php index 0fb635c..93a020a 100644 --- a/www/inc/wext/event.php +++ b/www/inc/wext/event.php 
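Review bot: The array passed to `$p->render($list)` carries event titles, descriptions and artist names as raw strings from `getParserData()`, while the `config.php.template` in this commit ships with `'Escaper'` commented out and describes that extension as the provider of both the escape filter and autoescaping, so with the default configuration nothing HTML-escapes these values. The same holds for `$basevars['script']['this']`, which the index.php hunk fills from `$_SERVER['REQUEST_URI']`, and for the fields assembled in the event.php hunk. I would enable the Escaper extension by default and state the contract on the method, e.g. `/** renders index.html and returns the HTML; event fields are passed as raw strings, escaping is left to the Twig Escaper extension */`. Separately, in the visible code `$list['events']` is never created when every event is filtered out, so `$list['events']=array();` before the loop would keep the template input uniform. The class body continues outside the hunk.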
@@ -234,19 +234,33 @@ class WOEvent extends WOEventAbstract /**returns the data in an array suitable for the web-page-renderer*/ public function getParserData() { + global $session; $lang = LanguageManager::singleton(); - return array( - "DATE"=>$lang->getDate($this->getstart()), - "TIME"=>$lang->getTime($this->getstart()), - "PLACE"=>$this->getroom(), - "EVENTNAME"=>$this->gettitle(), - "ARTIST"=>$this->getartist()->getname(), - //TODO: do something about prices -// "PRICE"=>$lang->getPrice($this->getDefaultPrice()), + $ret=array( + "date"=>$lang->getDate($this->getstart()), + "time"=>$lang->getTime($this->getstart()), + "place"=>$this->getroom(), + "name"=>$this->gettitle(), + "artist"=>$this->getartist()->getname(), "ID"=>$this->getid(), - "DESCRIPTION"=>$this->getdescription(), - "AVAILABLETICKETS"=>$this->getamountFree() - );; + "description"=>$this->getdescription(), + "availabletickets"=>$this->getamountFree(), + "prices" => array() + ); + //list all available prices + foreach($this->getprice() as $price){ + //not those unavailable via web + if(!$session->checkFlags($price->getflags()))continue; + //fill in data + $ret['prices'][]=array( + "price"=>$lang->getPrice($price->getprice()), + "pricecents"=>$price->getprice(), + "categoryid"=>$price->getpricecategoryid(), + "categoryname"=>$price->getpricecategory()->getname() + ); + } + //return result + return $ret; } }; diff --git a/www/index.php b/www/index.php index 2d4f098..87f4f0f 100644 --- a/www/index.php +++ b/www/index.php @@ -2,7 +2,7 @@ //basics include('inc/loader.php'); include('inc/loader_nonadmin.php'); -//load class-files; TODO: remove most of them +//load class-files include('./inc/classes/autoload.php'); //load external Twig library require_once 'inc/twig/Autoloader.php'; 
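Review bot: The docblock of getParserData() should state that the returned strings are not HTML-encoded, because `name`, `artist`, `description` and `categoryname` go into the array exactly as the getters return them. The templates in this commit print them with plain `{{event.name}}`-style tags, and error.html prints `{{ErrorText}}` the same way, so stored markup in an event field would reach the browser unless autoescaping or an escape filter is active in the Twig setup. Suggested wording: `/**returns raw, unescaped event data as an array for the Twig templates; escaping is the template's job*/`. `"ID"` is the only key left in upper case after the others were lowercased, which is easy to trip over in a template. The class body continues outside the hunk.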
@@ -12,10 +12,10 @@ include('inc/global_variables.php'); include('inc/global_functions.php'); include("inc/rendering/autoload.php"); -//include process script +//include process script (TODO: rework to be autoloaded) include('inc/rendering/submit.php'); -//include display scripts +//include display scripts (TODO: move to autoloading) include('inc/rendering/cart_listing.php'); include('inc/rendering/order_listing.php'); @@ -31,6 +31,26 @@ $lang->setLanguage("de"); //set internal session to virtual "_web" user for use by transactions Session::setWebSession(); +//initialize TWIG +$loader = new Twig_Loader_Filesystem($template); +$twig = new Twig_Environment($loader, $twigoptions ); +foreach($twigextensions as $te)$twig->addExtension($te); + +//basic variables shared by all templates +// script URLs +$basevars['script']['root']=$_SERVER['SCRIPT_NAME']; +$basevars['script']['this']=$_SERVER['REQUEST_URI']; +$basevars['script']['eventDetails']=$_SERVER['SCRIPT_NAME']."?mode=eventDetails&event="; +$basevars['script']['cart']=$_SERVER['SCRIPT_NAME']."?mode=cart"; +$basevars['script']['orderLogin']=$_SERVER['SCRIPT_NAME']."?mode=orderLogin"; +$basevars['script']['customerRegistration']=$_SERVER['SCRIPT_NAME']."?mode=customerRegistration"; +$basevars['script']['orderOverview']=$_SERVER['SCRIPT_NAME']."?mode=orderOverview"; +$basevars['script']['editShippingAddress']=$_SERVER['SCRIPT_NAME']."?mode=editShippingAddress"; +$basevars['script']['editOrderComments']=$_SERVER['SCRIPT_NAME']."?mode=editOrderComments"; + +//strings that are used to compose the overall layout +$page="(internal error: no page text yet)"; + try{ //get page template and process it switch($mode){ 
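Review bot: `foreach($twigextensions as $te)$twig->addExtension($te);` passes each configured entry straight to addExtension(), which expects an extension object. If `$twigextensions` holds names such as the Escaper, the call fails and the escaping extension cannot be switched on from the configuration. Instantiating the class first would fix it, e.g. `foreach($twigextensions as $te){$cls='Twig_Extension_'.$te; $twig->addExtension(new $cls());}`, though extensions that need constructor arguments would still need their own handling. Separately, `$basevars['script']['this']` is filled from `$_SERVER['REQUEST_URI']`, which is request-controlled, so any template that prints it in a link or form action has to escape it.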
@@ -64,21 +84,22 @@ try{ editOrderComments(); break; default: - EventRender::createEventList(); + $page=EventRender::createEventList(); break; } }catch(Exception $ex){ error_log($ex->getMessage()); - $p=new Parser("error.html"); + $p=$twig->loadTemplate("error.html"); + $e=$basevars; if($WebShowErrors) - $p->setVar("ErrorText",$ex->getMessage()); + $e["ErrorText"]=$ex->getMessage(); else - $p->setVar("ErrorText","An error occured, contact the server admin for details."); - $parser->setVar("PAGE",$p->parseFile("error.html")); + $e["ErrorText"]=translate("WebSite","An error occured, contact the server admin for details."); + $page=$p->render($e); } //spit out completed page header("Content-Type: text/html; charset=utf-8"); -print($parser->parseFile("layout.html")); +print($page); ?> \ No newline at end of file diff --git a/www/template/de/error.html b/www/template/de/error.html index 1e7fdbe..7f25f84 100644 --- a/www/template/de/error.html +++ b/www/template/de/error.html @@ -1,6 +1,6 @@
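Review bot: The new catch block calls `$twig->loadTemplate("error.html")` and `render()` without protection, so a failure in Twig itself (a missing or broken error template, or the same fault that raised the first exception) escapes as a second, uncaught exception. The visitor then gets whatever PHP's default error output shows instead of the controlled error page. Rendering the error page inside its own try with a fixed-text fallback keeps the response predictable. With `$WebShowErrors` on, `$ex->getMessage()` is placed into the page, so that switch is best kept off outside development.

```php
}catch(Exception $ex){
	error_log($ex->getMessage());
	// … unchanged: $e=$basevars and the ErrorText selection …
	try{
		$page=$twig->loadTemplate("error.html")->render($e);
	}catch(Exception $ex2){
		//the error template itself failed: log it and fall back to fixed text
		error_log($ex2->getMessage());
		$page="An error occurred, contact the server admin for details.";
	}
}
```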

Error

-@ErrorText@ +{{ErrorText}}
Back to Index diff --git a/www/template/de/index.html b/www/template/de/index.html index 21ad29c..35cdd8a 100644 --- a/www/template/de/index.html +++ b/www/template/de/index.html @@ -1,31 +1,24 @@ -
-#if:ROLE==buyer -Login Verkäufer -#endif -#if:ROLE==seller -Logout -#endif -
-

Kartenvorverkauf

+{# Example Template for MagicSmoke + ================================ + this one is called to create the event list +#} -@LIST@ +{% extends 'layout.html' %} -#set:EVENT: -

Datum: @DATE@ @TIME@
-Ort: @PLACE@
-@EVENTNAME@
-@ARTIST@
-@DESCRIPTION@
-Kartenpreis: @PRICE@ EUR
-#if:AVAILABLETICKETS>0 -Bestellen -#if:AVAILABLETICKETS<=5 -*nur noch Restkarten* -#endif -#endif -#if:AVAILABLETICKETS==0 -*ausverkauft* -#endif +{% block title %}Overview{% endblock %} -

-#endset +{% block page %} + + {% for event in events %} +

{{event.name}}

+ {{event.date}} {{event.time}}, {{event.place}}
+ Artist: {{event.artist}}
+ {{event.description}}
+ Price: + {% for price in event.prices %} + {{price.price}} ({{price.categoryname}}) + {% endfor %}
+ order tickets + {% endfor %} + +{% endblock %} diff --git a/www/template/de/layout.html b/www/template/de/layout.html index 46fe3c7..3597a23 100644 --- a/www/template/de/layout.html +++ b/www/template/de/layout.html @@ -2,15 +2,15 @@ -Magic Smoke Example Layout +{% block title %}{% endblock %} - Magic Smoke Example Layout -
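Review bot: The new event block always emits the `order tickets` link, while the removed template only offered ordering under `#if:AVAILABLETICKETS>0` and printed a sold-out marker under `#if:AVAILABLETICKETS==0`. `availabletickets` is still supplied by getParserData() but is no longer used here, so sold-out events would still be offered for ordering. Wrapping the link in `{% if event.availabletickets > 0 %}` … `{% else %}sold out{% endif %}` restores the earlier behaviour. The markup of this hunk is only partly visible on this page, so the exact link line is not quoted.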

Magic Smoke Example Layout

+

{% display title %} - Magic Smoke Example Layout

-@PAGE@ +{% block page %}{% endblock %}