<?php
namespace controls;
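/**
 * Admin-panel controller: login, order list / order editing, ticket prices,
 * shop settings and the sales calendar.
 *
 * Conventions visible in this class:
 *  - \S::get_session()/set_session()/del_session() hold per-admin state. The
 *    session key 'user' is the "logged in" flag and 'user_orders' the basket of
 *    tickets for the order currently being edited.
 *  - \S::get() reads a request parameter (whether it reads GET, POST or both is
 *    not visible from this file).
 *  - $mdb is a PDO wrapper (select/insert/update/delete/query); $mdb->pdo is
 *    the underlying \PDO connection.
 *  - Actions that end the request call exit; view actions return \Tpl::view().
 *
 * Every action other than login_view()/login_check() first calls
 * requireLogin(). The router may enforce this as well; the guard is kept here
 * as defence in depth so an action cannot be reached by URL alone.
 *
 * TODO(review): only calendar_save() verifies a CSRF token. The other
 * state-changing actions (ticket_save, order_delete, use_ticket, tickets_save,
 * settings_save) accept any request that carries the session cookie; adding a
 * token requires the forms/JS that call them to send one, so it is not done here.
 */
class Apanel
{
    /** Session key holding the "admin is logged in" flag (set by login_check()). */
    const SESSION_USER = 'user';
    /** Session key holding the ticket basket of the order being edited. */
    const SESSION_BASKET = 'user_orders';
    /** Session key holding the CSRF token issued by calendar() for calendar_save(). */
    const SESSION_CALENDAR_CSRF = 'admin_calendar_csrf';

    /**
     * Shows the admin login form, or redirects an already logged-in admin to
     * the orders list (returning null to the router, as the original did).
     *
     * @return string|null rendered login view, or null after a redirect header
     */
    public static function login_view()
    {
        if (\S::get_session(self::SESSION_USER)) {
            header('Location: /apanel/main_view/');
            return null;
        }
        return \Tpl::view('admin-panel/login');
    }

    /**
     * Orders overview.
     *
     * @return string rendered 'admin-panel/main-view'
     */
    public static function main_view()
    {
        global $mdb;
        self::requireLogin();
        // Fixed column list and no request data: a plain query is fine here.
        $orders = $mdb
            ->query('SELECT id, name, surname, email, order_price, date_added, payment_status, used_ticket FROM orders')
            ->fetchAll(\PDO::FETCH_ASSOC);
        return \Tpl::view('admin-panel/main-view', ['orders' => $orders]);
    }

    /**
     * Order detail page. Loads the order and its tickets by the `id` URL
     * parameter and seeds the session basket with the tickets so the
     * ticket_inc/dec/rem actions can edit them.
     *
     * @return string rendered 'admin-panel/order-data'
     */
    public static function order_data()
    {
        global $mdb;
        self::requireLogin();
        $orderId = isset($_GET['id']) ? (string) $_GET['id'] : '';

        // The id comes straight from the URL, so it is bound as a parameter
        // rather than concatenated into the SQL text.
        $stmt = $mdb->pdo->prepare('SELECT * FROM order_tickets WHERE order_id = :order_id');
        $stmt->execute([':order_id' => $orderId]);
        $orderTickets = $stmt->fetchAll(\PDO::FETCH_ASSOC);

        $orderInfo = $mdb->select('orders', '*', ['id' => $orderId]);

        // Replace any basket left over from a previously edited order.
        \S::del_session(self::SESSION_BASKET);
        \S::set_session(self::SESSION_BASKET, $orderTickets);

        return \Tpl::view('admin-panel/order-data', [
            'order_tickets' => $orderTickets,
            'order_info' => $orderInfo,
        ]);
    }

    /**
     * Handles the login form. On success sets the session flag and redirects
     * to the scanner view (not the admin list — as in the original flow); on
     * failure redirects back to the login form. Always exits.
     */
    public static function login_check()
    {
        global $settings;
        $given = trim((string) (isset($_POST['admin_password']) ? $_POST['admin_password'] : ''));
        $expected = (string) (isset($settings['admin-password']) ? $settings['admin-password'] : '');

        // hash_equals() is a strict, constant-time comparison. The loose `==`
        // it replaces would also accept numerically-equal strings, and an
        // unset admin password used to match an empty submission.
        // TODO(review): the configured password is compared in clear text;
        // storing a password_hash() and using password_verify() here would be
        // preferable, but needs the settings format to change.
        if ($expected !== '' && hash_equals($expected, $given)) {
            // TODO(review): if \S is backed by native PHP sessions,
            // session_regenerate_id(true) here would rule out session fixation — confirm.
            \S::set_session(self::SESSION_USER, true);
            header('Location: /scanner/scanner_view/');
        } else {
            header('Location: /apanel/login_view/');
        }
        exit;
    }

    /**
     * Logs the admin out and redirects to the login form. Always exits.
     */
    public static function unlogin()
    {
        \S::del_session(self::SESSION_USER);
        header('Location: /apanel/login_view/');
        exit;
    }

    //* Increment ticket
    /**
     * AJAX: adds one to the quantity of the ticket `ticket_id` in the session
     * basket (creating the entry with quantity 1 if absent), then answers with
     * the re-rendered basket table and summary. Always exits.
     *
     * NOTE(review): a newly created entry holds only 'quantity'; whether
     * recalculate_ticket_protection()/check_delivery() fill in price/name etc.
     * is not visible here — ticket_save() reads those fields.
     */
    public static function ticket_inc()
    {
        self::requireLogin(true);
        $basket = self::loadBasket();
        $ticketId = (string) \S::get('ticket_id');
        if (!empty($basket[$ticketId])) {
            $basket[$ticketId]['quantity']++;
        } else {
            $basket[$ticketId]['quantity'] = 1;
        }
        self::storeAndRenderBasket($basket);
    }

    //* Decrement ticket
    /**
     * AJAX: subtracts one from the quantity of ticket `ticket_id`; the entry is
     * dropped when the quantity reaches zero. An unknown ticket id leaves the
     * basket unchanged (the original decremented a non-existent entry to -1).
     * Always exits.
     */
    public static function ticket_dec()
    {
        self::requireLogin(true);
        $basket = self::loadBasket();
        $ticketId = (string) \S::get('ticket_id');
        if (isset($basket[$ticketId])) {
            $quantity = isset($basket[$ticketId]['quantity']) ? (int) $basket[$ticketId]['quantity'] : 0;
            $quantity--;
            if ($quantity <= 0) {
                unset($basket[$ticketId]);
            } else {
                $basket[$ticketId]['quantity'] = $quantity;
            }
        }
        self::storeAndRenderBasket($basket);
    }

    //* Remove ticket
    /**
     * AJAX: removes ticket `ticket_id` from the session basket. Always exits.
     */
    public static function ticket_rem()
    {
        self::requireLogin(true);
        $basket = self::loadBasket();
        $ticketId = (string) \S::get('ticket_id');
        unset($basket[$ticketId]);
        self::storeAndRenderBasket($basket);
    }

    //* Save new tickets list
    /**
     * AJAX: persists the session basket as the ticket list of order
     * `order_id`, recomputes the order total and stores `payment_status`.
     * Produces no output; always exits.
     *
     * Delete + re-insert + update run inside one transaction so a failure
     * half-way cannot leave the order without tickets. This assumes $mdb's
     * helpers use the same connection as $mdb->pdo (the one tickets_save()
     * prepares on).
     */
    public static function ticket_save()
    {
        global $mdb;
        self::requireLogin(true);
        $orderId = \S::get('order_id');
        $paymentStatus = \S::get('payment_status');
        $basket = self::loadBasket();

        $pdo = $mdb->pdo;
        $pdo->beginTransaction();
        try {
            $orderPrice = 0;
            $mdb->delete('order_tickets', ['order_id' => $orderId]);
            foreach ($basket as $ticket) {
                $orderPrice += $ticket['price'] * $ticket['quantity'];
                // Store the tickets in the DB
                $mdb->insert('order_tickets', [
                    'order_id' => $orderId,
                    'product_id' => $ticket['product_id'],
                    'name' => $ticket['name'],
                    'quantity' => $ticket['quantity'],
                    'price' => trim($ticket['price']),
                    'date_visit' => $ticket['date_visit'],
                    'date_added' => $ticket['date_added'],
                ]);
            }
            $mdb->update(
                'orders',
                ['order_price' => $orderPrice, 'payment_status' => $paymentStatus],
                ['id' => $orderId]
            );
            $pdo->commit();
        } catch (\Throwable $e) {
            $pdo->rollBack();
            throw $e;
        }
        exit;
    }

    /**
     * Deletes order `order_id` together with its tickets and redirects to the
     * orders list. Always exits.
     */
    public static function order_delete()
    {
        global $mdb;
        self::requireLogin();
        $orderId = \S::get('order_id');
        $mdb->delete('order_tickets', ['order_id' => $orderId]);
        $mdb->delete('orders', ['id' => $orderId]);
        header('Location: /apanel/main_view/');
        exit;
    }

    /**
     * Ticket price editor.
     *
     * @return string rendered 'admin-panel/tickets'
     */
    public static function tickets()
    {
        global $settings;
        self::requireLogin();
        return \Tpl::view('admin-panel/tickets', ['tickets' => $settings['tickets']]);
    }

    /**
     * AJAX: saves posted prices for the configured tickets into ticket_prices.
     * Rows whose id is not a configured ticket, or that are not arrays, are
     * ignored; blank price fields are stored as NULL. Always exits.
     */
    public static function tickets_save()
    {
        global $mdb, $settings;
        self::requireLogin(true);
        $posted = isset($_POST['tickets']) ? $_POST['tickets'] : null;
        if (empty($posted) || !is_array($posted)) {
            self::jsonResponse(['status' => 'error', 'message' => 'Brak danych']);
        }

        // Prepared once; only the bound values change per ticket.
        $stmt = $mdb->pdo->prepare(
            'REPLACE INTO ticket_prices (ticket_id, price, price_weekend, dynamic_price_day0, dynamic_price_day1_2, dynamic_price_day3_7)'
            . ' VALUES (:tid, :price, :priceWkd, :day0, :day12, :day37)'
        );
        foreach ($posted as $ticketId => $data) {
            $ticketId = trim((string) $ticketId);
            // Whitelist against the configured tickets. array_key_exists() also
            // matches integer keys, which a strict in_array() on a string id never would.
            if (!is_array($data) || !array_key_exists($ticketId, $settings['tickets'])) {
                continue;
            }
            $stmt->execute([
                ':tid' => $ticketId,
                ':price' => self::nullableFloat($data, 'price'),
                ':priceWkd' => self::nullableFloat($data, 'price_weekend'),
                ':day0' => self::nullableFloat($data, 'day0'),
                ':day12' => self::nullableFloat($data, 'day1_2'),
                ':day37' => self::nullableFloat($data, 'day3_7'),
            ]);
        }
        self::jsonResponse(['status' => 'ok']);
    }

    /**
     * AJAX: marks order `order_id` as used (used_ticket = 1) with the current
     * timestamp. Always exits.
     */
    public static function use_ticket()
    {
        global $mdb;
        self::requireLogin(true);
        $orderId = \S::get('order_id');
        $mdb->update(
            'orders',
            ['used_ticket' => 1, 'used_ticket_date' => date('Y-m-d H:i:s')],
            ['id' => $orderId]
        );
        self::jsonResponse(['useStatus' => true]);
    }

    /**
     * Shop settings page.
     *
     * @return string rendered 'admin-panel/settings'
     */
    public static function settings()
    {
        self::requireLogin();
        return \Tpl::view('admin-panel/settings', [
            'enable_sell' => \factory\Apanel::getSetting('enable_sell', '1'),
        ]);
    }

    /**
     * AJAX: stores the enable_sell checkbox ('1' when present, else '0').
     * Always exits.
     */
    public static function settings_save()
    {
        self::requireLogin(true);
        $enableSell = isset($_POST['enable_sell']) ? '1' : '0';
        \factory\Apanel::saveSetting('enable_sell', $enableSell);
        self::jsonResponse(['status' => 'ok']);
    }

    /**
     * Sales calendar page. Issues a fresh CSRF token for calendar_save().
     *
     * @return string rendered 'admin-panel/calendar'
     */
    public static function calendar()
    {
        self::requireLogin();
        $token = bin2hex(random_bytes(32));
        \S::set_session(self::SESSION_CALENDAR_CSRF, $token);
        return \Tpl::view('admin-panel/calendar', [
            'calendar_groups' => \factory\Tickets::getCalendarDefinitions(),
            'csrf_token' => $token,
        ]);
    }

    /**
     * AJAX: returns the enabled dates for ticket group `ticket_group`.
     * Always exits.
     */
    public static function calendar_dates()
    {
        self::requireLogin(true);
        $groupKey = trim((string) \S::get('ticket_group'));
        $definitions = \factory\Tickets::getCalendarDefinitions();
        if (!isset($definitions[$groupKey])) {
            self::jsonResponse(['status' => 'error', 'message' => 'Niepoprawny rodzaj biletu.']);
        }
        self::jsonResponse([
            'status' => 'ok',
            'enabled_dates' => \factory\Tickets::getEnabledDatesByGroup($groupKey),
        ]);
    }

    /**
     * AJAX: stores the posted `dates` for ticket group `ticket_group`.
     * Requires the CSRF token issued by calendar(). Always exits.
     */
    public static function calendar_save()
    {
        self::requireLogin(true);

        $sessionToken = (string) \S::get_session(self::SESSION_CALENDAR_CSRF);
        $requestToken = trim((string) \S::get('csrf_token'));
        // hash_equals() is only safe to call with two non-empty strings of
        // known provenance, hence the explicit emptiness checks first.
        if ($sessionToken === '' || $requestToken === '' || !hash_equals($sessionToken, $requestToken)) {
            self::jsonResponse(['status' => 'error', 'message' => 'Niepoprawny token CSRF.']);
        }

        $groupKey = trim((string) \S::get('ticket_group'));
        $definitions = \factory\Tickets::getCalendarDefinitions();
        if (!isset($definitions[$groupKey])) {
            self::jsonResponse(['status' => 'error', 'message' => 'Niepoprawny rodzaj biletu.']);
        }

        $dates = isset($_POST['dates']) ? $_POST['dates'] : [];
        if (!is_array($dates)) {
            $dates = [];
        }
        if (!\factory\Tickets::saveEnabledDatesForGroup($groupKey, $dates)) {
            self::jsonResponse(['status' => 'error', 'message' => 'Nie udało się zapisać kalendarza.']);
        }
        self::jsonResponse(['status' => 'ok']);
    }

    /**
     * Turns away requests that do not carry the logged-in session flag.
     * Page actions are redirected to the login form; AJAX actions get a 401
     * JSON error so the caller does not receive HTML where JSON is expected.
     *
     * @param bool $json respond with JSON instead of a redirect
     */
    private static function requireLogin($json = false)
    {
        if (\S::get_session(self::SESSION_USER)) {
            return;
        }
        if ($json) {
            self::jsonResponse(['status' => 'error', 'message' => 'Brak autoryzacji.'], 401);
        }
        header('Location: /apanel/login_view/');
        exit;
    }

    /**
     * Emits a JSON body and terminates the request. Sets the Content-Type the
     * way the calendar actions already did, so every AJAX action answers alike.
     *
     * @param array $payload data to encode
     * @param int   $status  HTTP status code
     */
    private static function jsonResponse(array $payload, $status = 200)
    {
        if (!headers_sent()) {
            http_response_code($status);
            header('Content-Type: application/json; charset=utf-8');
        }
        echo json_encode($payload);
        exit;
    }

    /**
     * Reads the session basket, normalising a missing/invalid value to [] so
     * callers can index into it without notices.
     *
     * @return array ticket_id => ticket row
     */
    private static function loadBasket()
    {
        $basket = \S::get_session(self::SESSION_BASKET);
        return is_array($basket) ? $basket : [];
    }

    /**
     * Shared tail of ticket_inc/dec/rem: runs the factory recalculations,
     * writes the basket back to the session and answers with the re-rendered
     * basket table and order summary. Always exits.
     *
     * @param array $basket ticket_id => ticket row
     */
    private static function storeAndRenderBasket(array $basket)
    {
        $basket = \factory\Apanel::recalculate_ticket_protection($basket);
        $basket = \factory\Apanel::check_delivery($basket);
        \S::set_session(self::SESSION_BASKET, $basket);
        self::jsonResponse([
            'basket_form' => \Tpl::view('admin-panel/order-data-table', ['order_tickets' => $basket]),
            'order_summ' => \Tpl::view('admin-panel/order-summary', ['order_tickets' => $basket]),
        ]);
    }

    /**
     * Reads a price field from a submitted ticket row: a missing or blank value
     * means "no price for this column" and becomes null (SQL NULL); anything
     * else is cast to float.
     *
     * @param array  $data posted row for one ticket
     * @param string $key  field name
     * @return float|null
     */
    private static function nullableFloat(array $data, $key)
    {
        $raw = isset($data[$key]) ? trim((string) $data[$key]) : '';
        return $raw === '' ? null : (float) $raw;
    }
}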