/**
* roomchangelist::getlist()
*
* This function returns a list of room changes.
*
* @param date $start start date
* @param date $end end date
* @return array guests
* @access public
* @since 2004-06-12
* @author Christian Ehret <*****@*****.**>
*/
function getlist($start, $end)
{
global $gDatabase, $tbl_booking, $tbl_room, $tbl_guest, $tbl_booking_detail, $tbl_bookingcat, $tbl_booking_detail_guest, $errorhandler;
$bookings = array();
//$start = $start -1;
$end = $end - 1;
$query = "SELECT bd.end_date, DATE_FORMAT(bd.end_date, '%d.%m.%Y'), \n\t\t\t\t\t\t r.room, bd.fk_room_id " . sprintf("FROM {$tbl_booking} b, {$tbl_booking_detail} bd\n\t\t\t\t \t\t LEFT JOIN {$tbl_room} r ON r.pk_room_id = bd.fk_room_id\n\t\t\t\t\t\t WHERE (UNIX_TIMESTAMP(bd.end_date) BETWEEN %s AND %s) \n\t\t\t\t\t\t AND b.pk_booking_id = bd.fk_booking_id \n\t\t\t\t\t\t AND ISNULL(b.deleted_date) \n\t\t\t\t\t\t ORDER BY bd.end_date, r.room", MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Roomchangelist::getlist()', $query);
} else {
$row = 0;
for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) {
$color = 0;
if ($row % 2 != 0) {
$color = 1;
}
$enddate = MetabaseFetchResult($gDatabase, $result, $row, 0);
$roomid = MetabaseFetchResult($gDatabase, $result, $row, 3);
$query = "SELECT \n\t\t DATE_FORMAT(bd.start_date, '%d.%m.%Y'), \n\t\t\t\t \t\t bc.bookingcat,\n\t\t\t\t\t\t b.persons, b.children, b.children2, b.children3, b.booking_type,\n\t\t\t\t\t\t g.firstname, g.lastname, b.additional_info, DATE_FORMAT(bd.end_date, '%d.%m.%Y'),\n\t\t\t\t\t\t b.children0\n FROM {$tbl_booking} b, {$tbl_booking_detail} bd\n\t\t\t\t\t\t LEFT JOIN {$tbl_guest} g ON b.fk_guest_id = g.pk_guest_id\n\t\t\t\t \t\t LEFT JOIN {$tbl_room} r ON r.pk_room_id = bd.fk_room_id\n\t\t\t\t\t\t LEFT JOIN {$tbl_bookingcat} bc ON b.fk_bookingcat_id = bc.pk_bookingcat_id\n\t\t\t\t\t\t WHERE bd.fk_room_id = {$roomid} AND bd.start_date >= '{$enddate}'\n\t\t\t\t\t\t AND b.pk_booking_id = bd.fk_booking_id \n\t\t\t\t\t\t AND ISNULL(b.deleted_date) \n\t\t\t\t\t\t ORDER BY bd.start_date LIMIT 0,1";
$result2 = MetabaseQuery($gDatabase, $query);
if (!$result2) {
$errorhandler->display('SQL', 'Roomchangelist::getlist()', $query);
} elseif (MetabaseNumberOfRows($gDatabase, $result2) == 1) {
$bookings[$row] = array('enddate' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'room' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'color' => $color, 'startdate' => MetabaseFetchResult($gDatabase, $result2, 0, 0), 'bookingcat' => MetabaseFetchResult($gDatabase, $result2, 0, 1), 'person' => MetabaseFetchResult($gDatabase, $result2, 0, 2), 'children1' => MetabaseFetchResult($gDatabase, $result2, 0, 3), 'children2' => MetabaseFetchResult($gDatabase, $result2, 0, 4), 'children3' => MetabaseFetchResult($gDatabase, $result2, 0, 5), 'firstname' => MetabaseFetchResult($gDatabase, $result2, 0, 7), 'lastname' => MetabaseFetchResult($gDatabase, $result2, 0, 8), 'addinfo' => MetabaseFetchResult($gDatabase, $result2, 0, 9), 'enddate2' => MetabaseFetchResult($gDatabase, $result2, 0, 10), 'children0' => MetabaseFetchResult($gDatabase, $result2, 0, 11));
} else {
$bookings[$row] = array('enddate' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'room' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'color' => $color, 'startdate' => "", 'bookingcat' => "", 'person' => "", 'children1' => "", 'children2' => "", 'children3' => "", 'firstname' => "", 'lastname' => "", 'addinfo' => "", 'enddate2' => "");
}
}
}
return $bookings;
}
/**
* Guestlist::getlist()
*
* This function returns a list of guests wich are checked in.
*
* @param date $start start date
* @param date $end end date
* @param int $bcat booking cat (-1 for all)
* @return array guests
* @access public
* @since 2004-06-05
* @author Christian Ehret <*****@*****.**>
*/
function getlist($start, $end, $bcat)
{
global $gDatabase, $tbl_booking, $tbl_guest, $tbl_guest_address, $tbl_address, $tbl_room, $tbl_booking_detail, $tbl_bookingcat, $tbl_booking_detail_guest, $errorhandler;
$guests = array();
$query = "SELECT b.pk_booking_id, b.fk_guest_id, g.firstname, g.lastname, \n\t\t DATE_FORMAT(b.start_date, '%d.%m.%Y'), \n\t\t\t\t \t\t DATE_FORMAT(b.end_date, '%d.%m.%Y'), \n\t\t\t\t \t\t bd.pk_booking_detail_id, r.room, bc.bookingcat,\n\t\t\t\t\t\t b.persons, b.children, b.children2, b.children3, b.booking_type, a.email, b.children0 " . sprintf("FROM {$tbl_booking} b, {$tbl_guest} g, {$tbl_booking_detail} bd\n\t\t\t\t \t\t LEFT JOIN {$tbl_room} r ON r.pk_room_id = bd.fk_room_id\n\t\t\t\t\t\t LEFT JOIN {$tbl_bookingcat} bc ON b.fk_bookingcat_id = bc.pk_bookingcat_id\n\t\t\t\t\t\t LEFT JOIN {$tbl_guest_address} ga ON ga.pk_fk_guest_id = g.pk_guest_id AND default_address = %s\n\t\t\t\t\t\t LEFT JOIN {$tbl_address} a ON ga.pk_fk_address_id = a.pk_address_id\t\t\t\t\t\t \n\t\t\t\t\t\t WHERE ((UNIX_TIMESTAMP(b.start_date) BETWEEN %s AND %s) \n\t\t\t\t\t\t OR (UNIX_TIMESTAMP(b.end_date) BETWEEN %s AND %s)\n\t\t\t\t\t\t OR (%s BETWEEN UNIX_TIMESTAMP(b.start_date) AND UNIX_TIMESTAMP(b.end_date))\n\t\t\t\t\t\t OR (%s BETWEEN UNIX_TIMESTAMP(b.start_date) AND UNIX_TIMESTAMP(b.end_date)))\n\t\t\t\t\t\t AND g.pk_guest_id = b.fk_guest_id \n\t\t\t\t\t\t AND b.pk_booking_id = bd.fk_booking_id \n\t\t\t\t\t\t AND ISNULL(b.deleted_date) ", MetabaseGetBooleanFieldValue($gDatabase, true), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end));
if ($bcat != -1) {
$query .= "AND b.fk_bookingcat_id = {$bcat} ";
}
$query .= "ORDER BY r.room ";
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Checkout::get()', $query);
} else {
$row = 0;
$person = 0;
$children0 = 0;
$children1 = 0;
$children2 = 0;
$children3 = 0;
for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) {
$color = 0;
if ($row % 2 != 0) {
$color = 1;
}
if (MetabaseFetchResult($gDatabase, $result, $row, 13) == 'R') {
$bookingtype = 'Reservierung';
} elseif (MetabaseFetchResult($gDatabase, $result, $row, 13) == 'B') {
$bookingtype = 'Buchung';
} else {
$bookingtype = 'Abgerechnet';
}
$guests[$row] = array('bookingid' => MetabaseFetchResult($gDatabase, $result, $row, 0), 'guestid' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'firstname' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'lastname' => MetabaseFetchResult($gDatabase, $result, $row, 3), 'startdate' => MetabaseFetchResult($gDatabase, $result, $row, 4), 'enddate' => MetabaseFetchResult($gDatabase, $result, $row, 5), 'bookingdetailid' => MetabaseFetchResult($gDatabase, $result, $row, 6), 'room' => MetabaseFetchResult($gDatabase, $result, $row, 7), 'bookingcat' => MetabaseFetchResult($gDatabase, $result, $row, 8), 'person' => MetabaseFetchResult($gDatabase, $result, $row, 9), 'children1' => MetabaseFetchResult($gDatabase, $result, $row, 10), 'children2' => MetabaseFetchResult($gDatabase, $result, $row, 11), 'children3' => MetabaseFetchResult($gDatabase, $result, $row, 12), 'children0' => MetabaseFetchResult($gDatabase, $result, $row, 15), 'email' => MetabaseFetchResult($gDatabase, $result, $row, 14), 'bookingtype' => $bookingtype, 'color' => $color);
$person += MetabaseFetchResult($gDatabase, $result, $row, 9);
$children0 += MetabaseFetchResult($gDatabase, $result, $row, 15);
$children1 += MetabaseFetchResult($gDatabase, $result, $row, 10);
$children2 += MetabaseFetchResult($gDatabase, $result, $row, 11);
$children3 += MetabaseFetchResult($gDatabase, $result, $row, 12);
}
$color = 0;
if ($row % 2 != 0) {
$color = 1;
}
$guests[$row] = array('bookingid' => '', 'guestid' => '', 'firstname' => '', 'lastname' => '', 'startdate' => '', 'enddate' => '', 'bookingdetailid' => '', 'room' => '', 'bookingcat' => '', 'person' => $person, 'children1' => $children1, 'children2' => $children2, 'children3' => $children3, 'children0' => $children0, 'bookingtype' => 'Summe: ', 'color' => $color);
}
return $guests;
}
/**
* price::save()
*
* save prices for a season
*
* @access public
* @since 2004-01-01
* @author Christian Ehret <*****@*****.**>
*/
function save()
{
global $gDatabase, $request, $tbl_price, $tbl_price2, $errorhandler, $rcat, $bcat;
// turn on Transaction Control
$auto_commit = false;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
$seasonids = array();
$seasonids = $request->getVar('frm_seasonid', 'post');
$bcats = $bcat->Get();
$rcats = $rcat->get('N');
$rcats2 = $rcat->get('A');
for ($i = 0; $i < count($seasonids); $i++) {
// delete all old entries for the season for price normal
$query = sprintf("DELETE FROM {$tbl_price} WHERE fk_season_id = %s", $seasonids[$i]);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Price::save()', $query);
}
// delete all old entries for the season for price advanced
$query = sprintf("DELETE FROM {$tbl_price2} WHERE fk_season_id = %s", $seasonids[$i]);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Price::save()', $query);
}
// insert new values
for ($j = 0; $j < count($bcats); $j++) {
for ($k = 0; $k < count($rcats); $k++) {
$frmperson = "frm_price_adult_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmperson_short = "frm_price_adult_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmchildren = "frm_price_child_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmchildren_short = "frm_price_child_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmchildren2 = "frm_price_child2_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmchildren2_short = "frm_price_child2_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmchildren3 = "frm_price_child3_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmchildren3_short = "frm_price_child3_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmabsolute = "frm_price_pausch_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmabsolute_short = "frm_price_pausch_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$frmtype = "frm_type_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid];
$priceperson = 0.0;
$pricepersonshort = 0.0;
$pricechildren = 0.0;
$pricechildrenshort = 0.0;
$pricechildren2 = 0.0;
$pricechildren2short = 0.0;
$pricechildren3 = 0.0;
$pricechildren3short = 0.0;
if ($request->GetVar($frmperson, 'post') !== "") {
$priceperson = $request->GetVar($frmperson, 'post');
}
if ($request->GetVar($frmperson_short, 'post') !== "") {
$pricepersonshort = $request->GetVar($frmperson_short, 'post');
}
if ($request->GetVar($frmchildren, 'post') !== "") {
$pricechildren = $request->GetVar($frmchildren, 'post');
}
if ($request->GetVar($frmchildren_short, 'post') !== "") {
$pricechildrenshort = $request->GetVar($frmchildren_short, 'post');
}
if ($request->GetVar($frmchildren2, 'post') !== "") {
$pricechildren2 = $request->GetVar($frmchildren2, 'post');
}
if ($request->GetVar($frmchildren2_short, 'post') !== "") {
$pricechildren2short = $request->GetVar($frmchildren2_short, 'post');
}
if ($request->GetVar($frmchildren3, 'post') !== "") {
$pricechildren3 = $request->GetVar($frmchildren3, 'post');
}
if ($request->GetVar($frmchildren3_short, 'post') !== "") {
$pricechildren3short = $request->GetVar($frmchildren3_short, 'post');
}
$name = "zvs_pk_price_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$priceid);
$query = sprintf("INSERT INTO {$tbl_price}\n\t\t\t\t\t\t\t\t (pk_price_id, fk_roomcat_id, fk_bookingcat_id,\n\t\t\t\t\t\t\t\t fk_season_id, price_person, price_children, \n\t\t\t\t\t\t\t\t price_type, inserted_date, fk_inserted_user_id, \n\t\t\t\t\t\t\t\t price_person_short, price_children_short,\n\t\t\t\t\t\t\t\t price_children2, price_children2_short, price_children3, price_children3_short) \n\t\t\t\t\t\t\t\t VALUES\n\t\t\t\t\t\t\t\t (%s, %s, %s, %s, %s, %s, %s, NOW(), %s, %s, %s, %s, %s, %s, %s) ", $priceid, $rcats[$k][catid], $bcats[$j][bcatid], $seasonids[$i], $priceperson, $pricechildren, MetabaseGetTextFieldValue($gDatabase, 'PP'), $request->GetVar('uid', 'session'), $pricepersonshort, $pricechildrenshort, $pricechildren2, $pricechildren2short, $pricechildren3, $pricechildren3short);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Price::save()', $query);
}
}
for ($k = 0; $k < count($rcats2); $k++) {
$frmprice = "frm_price_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid];
$frmprice_short = "frm_price_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid];
$frmperson = "frm_person_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid];
$frmadditional = "frm_additional_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid];
$frmadditional_short = "frm_additional_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid];
$price = 0.0;
$priceshort = 0.0;
$additional = 0.0;
$additionalshort = 0.0;
if ($request->GetVar($frmprice, 'post') !== "") {
$price = $request->GetVar($frmprice, 'post');
}
if ($request->GetVar($frmprice_short, 'post') !== "") {
$priceshort = $request->GetVar($frmprice_short, 'post');
}
if ($request->GetVar($frmadditional, 'post') !== "") {
$additional = $request->GetVar($frmadditional, 'post');
}
if ($request->GetVar($frmadditional_short, 'post') !== "") {
$additionalshort = $request->GetVar($frmadditional_short, 'post');
}
$name = "zvs_pk_price2_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$priceid);
$query = sprintf("INSERT INTO {$tbl_price2}\n\t\t\t\t\t\t\t\t (pk_price2_id, fk_roomcat_id, fk_bookingcat_id,\n\t\t\t\t\t\t\t\t fk_season_id, price, price_short, \n\t\t\t\t\t\t\t\t persons_included, price_additional, price_short_additional,\n\t\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id) \n\t\t\t\t\t\t\t\t VALUES\n\t\t\t\t\t\t\t\t (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s) ", $priceid, $rcats2[$k][catid], $bcats[$j][bcatid], $seasonids[$i], $price, $priceshort, MetabaseGetTextFieldValue($gDatabase, $request->GetVar($frmperson, 'post')), $additional, $additionalshort, $request->GetVar('uid', 'session'));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Price::save()', $query);
}
}
}
}
$success = MetabaseCommitTransaction($gDatabase);
// end transaction
$auto_commit = true;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
}
/**
* Guest::importZVSGuest()
*
* Import ZVS User
*
* @access public
* @since 2004-12-14
* @author Christian Ehret <*****@*****.**>
*/
function importZVSGuest()
{
global $gDatabase, $tbl_bookingcat, $tbl_barguest, $tbl_zvs_bookingcat, $tbl_zvs_guest, $tbl_zvs_booking, $tbl_zvs_booking_detail, $gZVSDatabase, $tbl_user, $errorhandler, $request;
$guests = array();
$query = "SELECT pk_guest_id, firstname, lastname, fk_bookingcat_id " . sprintf("FROM {$tbl_zvs_booking}, {$tbl_zvs_guest}, {$tbl_zvs_booking_detail} \n\t\t\t\t\t\t WHERE checked_in = %s \n\t\t\t\t\t\t AND checked_out = %s\n\t\t\t\t\t\t AND pk_guest_id = fk_guest_id \n\t\t\t\t\t\t AND pk_booking_id = fk_booking_id \n\t\t\t\t\t\t AND ISNULL({$tbl_zvs_booking}.deleted_date) \n\t\t\t\t\t\t ORDER BY lastname", MetabaseGetBooleanFieldValue($gZVSDatabase, true), MetabaseGetBooleanFieldValue($gZVSDatabase, false));
$zvsresult = MetabaseQuery($gZVSDatabase, $query);
if (!$zvsresult) {
$errorhandler->display('SQL', 'Guest::importZVSGuest()', $query);
} else {
for ($row = 0; ($eor = MetabaseEndOfResult($gZVSDatabase, $zvsresult)) == 0; ++$row) {
$query = "SELECT pk_bookingcat_id \n\t\t\t\t FROM {$tbl_bookingcat}\n\t\t\t\t\t\t WHERE fk_zvsbookingcat_id = " . MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 3);
$catresult = MetabaseQuery($gDatabase, $query);
if (!$catresult) {
$errorhandler->display('SQL', 'Guest::importZVSGuest()', $query);
} else {
$query = "SELECT pk_barguest_id \n\t\t\t\t FROM {$tbl_barguest}\n\t\t\t\t\t\t WHERE fk_zvsguest_id = " . MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 0);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Guest::importZVSGuest()', $query);
}
if (MetabaseNumberOfRows($gDatabase, $result) == 1) {
$query = sprintf("UPDATE {$tbl_barguest} \n\t\t\t\t\t\t\t\t\t\t SET firstname = %s, \n\t\t\t\t\t\t\t\t\t\t lastname = %s,\n\t\t\t\t\t\t\t\t\t\t fk_bookingcat_id = %s,\n\t\t\t\t\t\t\t\t\t\t deleted_date = NULL,\n\t\t\t\t\t\t\t\t\t\t fk_deleted_user_id = NULL\n\t\t\t\t\t\t\t\t\t\t WHERE pk_barguest_id = %s", MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 2)), MetabaseFetchResult($gDatabase, $catresult, 0, 0), MetabaseFetchResult($gDatabase, $result, 0, 0));
} else {
$name = "zvs_pk_barguest_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$barguestid);
$query = sprintf("INSERT INTO {$tbl_barguest}\n\t\t\t\t\t\t\t\t\t\t (pk_barguest_id, fk_zvsguest_id, fk_bookingcat_id, firstname, lastname, inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, NOW(), %s)", $barguestid, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 0), MetabaseFetchResult($gDatabase, $catresult, 0, 0), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 2)), 1);
}
$result2 = MetabaseQuery($gDatabase, $query);
if (!$result2) {
$errorhandler->display('SQL', 'Guest::importZVSGuest()', $query);
}
}
}
}
}
/**
* auth::auth_validatelogin()
*
* validate login
*
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
* @return number user id
*/
function auth_validatelogin()
{
global $gDatabase2, $tbl_employee, $tbl_hotel, $uid, $firstname, $request, $sess, $smarty, $errorhandler;
$auth_challenge = session_id();
$auth_username = $request->GetVar('username', 'post');
$auth_password = $request->GetVar('password', 'post');
$auth_response = $request->GetVar('response', 'post');
$this->auth["uname"] = $auth_username;
## This provides access for "loginform.ihtml"
$query = sprintf("SELECT e.pk_employee_id, e.password, e.firstname, e.lastname, \n\t\t e.login, e.fk_hotel_id, h.database_schema, h.hotel_code \n\t\t\t\t\t\t FROM {$tbl_employee} e, {$tbl_hotel} h \n\t\t\t\t\t\t WHERE e.login = %s \n\t\t\t\t\t\t AND e.locked = %s \n\t\t\t\t\t\t AND ISNULL(deleted_date)\n\t\t\t\t\t\t AND e.fk_hotel_id = h.pk_hotel_id ", MetabaseGetTextFieldValue($gDatabase2, addslashes($auth_username)), MetabaseGetBooleanFieldValue($gDatabase2, false));
$result = MetabaseQuery($gDatabase2, $query);
if (!$result) {
$errorhandler->display('SQL', 'auth::auth_validatelogin()', $query);
} else {
if (MetabaseNumberOfRows($gDatabase2, $result) != 0) {
if ($result) {
$uid = MetabaseFetchResult($gDatabase2, $result, 0, 0);
$pass = MetabaseFetchResult($gDatabase2, $result, 0, 1);
## Password is stored as a md5 hash
$firstname = MetabaseFetchResult($gDatabase2, $result, 0, 2);
$lastname = MetabaseFetchResult($gDatabase2, $result, 0, 3);
$login = MetabaseFetchResult($gDatabase2, $result, 0, 4);
$hotelid = MetabaseFetchResult($gDatabase2, $result, 0, 5);
$schema = MetabaseFetchResult($gDatabase2, $result, 0, 6);
$hotel_code = MetabaseFetchResult($gDatabase2, $result, 0, 7);
}
}
}
$exspected_response = md5("{$auth_username}:{$pass}:{$auth_challenge}");
// # True when JS is disabled
if ($auth_response == "") {
if (md5($auth_password) != $pass) {
// # md5 hash for non-JavaScript browsers
return false;
} else {
$sess->SetVar("firstname", $firstname);
$sess->SetVar("lastname", $lastname);
$sess->SetVar("login", $login);
$sess->SetVar("uid", $uid);
$sess->SetVar("authenticated", 'valid');
$sess->SetVar("hotelid", $hotelid);
$sess->SetVar("schema", $schema);
$sess->SetVar("hotel_code", $hotel_code);
return $uid;
}
}
// # Response is set, JS is enabled
if ($exspected_response != $auth_response) {
return false;
} else {
$sess->SetVar('firstname', $firstname);
$sess->SetVar('lastname', $lastname);
$sess->SetVar('login', $login);
$sess->SetVar('uid', $uid);
$sess->SetVar('authenticated', 'valid');
$sess->SetVar("hotelid", $hotelid);
$sess->SetVar("schema", $schema);
$sess->SetVar("hotel_code", $hotel_code);
return $uid;
}
}
/**
* Barguestcat::saveupdate()
*
* Save Barguestcategory as new or update existing one
*
* @access public
* @since 2006-02-17
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase, $request, $tbl_barguestcat, $errorhandler;
$barguestcatid = $request->GetVar('frm_barguestcatid', 'post');
// update
if ($barguestcatid !== '0') {
$query = sprintf("UPDATE {$tbl_barguestcat} SET \n\t\t\t barguestcat = %s, \n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_barguestcat_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_barguestcat', 'post')), $request->GetVar('uid', 'session'), $barguestcatid);
} else {
// new
$name = "zvs_pk_barguestcat_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$barguestcatid);
$query = sprintf("INSERT INTO {$tbl_barguestcat}\n\t\t\t (pk_barguestcat_id, barguestcat, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, NOW(), %s, NOW(), %s )", $barguestcatid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_barguestcat', 'post')), $request->GetVar('uid', 'session'), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Barguestcat::saveupdate()', $query);
}
}
/**
* Guest::shareaddress()
*
* share address
*
* @param string $shareid address id and type of source
* @param number $guestid address id
* @param string $type type of aim
* @access public
* @since 2005-08-20
* @author Christian Ehret <*****@*****.**>
*/
function shareaddress($shareid, $guestid, $type)
{
global $gDatabase, $tbl_guest_address, $tbl_address, $errorhandler;
$sharetype = substr($shareid, 0, 1);
$shareid = substr($shareid, 2);
$type = ucfirst(substr($type, 0, 1));
$auto_commit = false;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
$query = sprintf("SELECT pk_fk_address_id FROM {$tbl_guest_address}\n\t\t WHERE pk_fk_guest_id = %s\n\t\t\t\t\t\t AND address_type = %s ", $guestid, MetabaseGetTextFieldValue($gDatabase, $type));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Guest::shareaddress()', $query);
}
$oldaddressid = MetabaseFetchResult($gDatabase, $result, 0, 0);
$query = sprintf("SELECT pk_fk_address_id FROM {$tbl_guest_address}\n\t\t WHERE pk_fk_guest_id = %s\n\t\t\t\t\t\t AND address_type = %s ", $shareid, MetabaseGetTextFieldValue($gDatabase, $sharetype));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Guest::shareaddress()', $query);
}
$newaddressid = MetabaseFetchResult($gDatabase, $result, 0, 0);
if ($oldaddressid) {
$query = sprintf("UPDATE {$tbl_guest_address} ga \n\t\t SET pk_fk_address_id = %s \n\t\t\t\t\t\t WHERE pk_fk_guest_id = %s \n\t\t\t\t\t\t AND address_type = %s", $newaddressid, $guestid, MetabaseGetTextFieldValue($gDatabase, $type));
} else {
$query = sprintf("INSERT INTO {$tbl_guest_address} \n\t\t\t\t\t\t (pk_fk_guest_id, pk_fk_address_id, address_type) \n\t\t\t\t\t\t VALUES (%s, %s, %s)", $guestid, $newaddressid, MetabaseGetTextFieldValue($gDatabase, $type));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Guest::shareaddress()', $query);
}
if ($oldaddressid) {
// check if address is used more than this time
$query = "SELECT count( * ) FROM {$tbl_guest_address} \n\t\t\t WHERE pk_fk_address_id = {$oldaddressid}";
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Guest::shareaddress()', $query);
} else {
$count = MetabaseFetchResult($gDatabase, $result, 0, 0);
}
if ($count == 0) {
$query = sprintf("DELETE FROM {$tbl_address} \n\t\t\t\t\t\t WHERE pk_address_id = %s", $oldaddressid, MetabaseGetTextFieldValue($gDatabase, $type));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Guest::shareaddress()', $query);
}
}
}
$success = MetabaseCommitTransaction($gDatabase);
// end transaction
$auto_commit = true;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
}
/**
* Employee::saveupdate()
*
* Save employee as new or update existing one
*
* @access public
* @since 2004-10-03
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase2, $request, $tbl_employee, $errorhandler;
$userid = $request->GetVar('frm_userid', 'post');
$salery = $request->GetVar('frm_salary', 'post');
if (!is_numeric($salery)) {
$salery = '0.00';
}
// update
if ($userid !== '0') {
if ($request->GetVar('response', 'post') == 'd41d8cd98f00b204e9800998ecf8427e') {
$query = sprintf("UPDATE {$tbl_employee} SET \n\t\t\t\t\t\t\t fk_hotel_id = %s,\n\t\t\t lastname = %s, \n\t\t\t\t\t\t\t firstname = %s,\n\t\t\t\t\t\t\t login = %s,\n\t\t\t\t\t\t\t locked = %s,\n\t\t\t\t\t\t\t salary = %s,\n\t\t\t\t\t\t\t fk_language_id = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_employee_id = %s ", $request->GetVar('hotelid', 'session'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), $salery, 1, $request->GetVar('uid', 'session'), $userid);
} else {
$query = sprintf("UPDATE {$tbl_employee} SET \n\t\t\t\t\t\t\t fk_hotel_id = %s,\n\t\t\t lastname = %s, \n\t\t\t\t\t\t\t firstname = %s,\n\t\t\t\t\t\t\t login = %s,\n\t\t\t\t\t\t\t password = %s,\n\t\t\t\t\t\t\t locked = %s,\n\t\t\t\t\t\t\t salary = %s,\n\t\t\t\t\t\t\t fk_language_id = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_employee_id = %s ", $request->GetVar('hotelid', 'session'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), $salery, 1, $request->GetVar('uid', 'session'), $userid);
}
} else {
// new
$name = "zvs_pk_employee_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase2, $name, &$employee_id);
$query = sprintf("INSERT INTO {$tbl_employee}\n\t\t\t (pk_employee_id, fk_hotel_id, lastname, firstname, login, password, locked, salary, fk_language_id, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s, NOW(), %s )", $employee_id, $request->GetVar('hotelid', 'session'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), $salery, 1, $request->GetVar('uid', 'session'), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase2, $query);
if (!$result) {
$errorhandler->display('SQL', 'Employee::saveupdate()', $query);
}
}
/**
* room::saveupdate()
*
* save a new room or update an existing one
*
* @return number room id
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase, $request, $tbl_room, $errorhandler;
$roomid = $request->GetVar('frm_roomid', 'post');
// update
if ($roomid !== '0') {
$query = sprintf("UPDATE {$tbl_room} SET " . "room = %s, " . "capacity = %s, " . "description = %s, " . "fk_roomcat_id = %s, " . "updated_date = NOW(), " . "fk_updated_user_id = %s " . "WHERE pk_room_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_persons', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_info', 'post')), $request->GetVar('frm_roomcat', 'post'), $request->GetVar('uid', 'session'), $roomid);
} else {
// new
$name = "zvs_pk_room_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$roomid);
$query = sprintf("INSERT INTO {$tbl_room}" . "(pk_room_id, room, capacity, description, " . "fk_roomcat_id, inserted_date, fk_inserted_user_id )" . "VALUES (%s, %s, %s, %s, %s, NOW(), %s )", $roomid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_persons', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_info', 'post')), $request->GetVar('frm_roomcat', 'post'), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'room::saveupdate()', $query);
} else {
return $roomid;
}
}
/**
* DefaultData::´setfield()
*
* This function updates a given field and updates the session value
*
* @param number $id id of field
* @param string $value value
* @access public
* @since 2003-08-01
* @author Christian Ehret <*****@*****.**>
*/
function setfield($id, $value)
{
global $tbl_default, $tbl_hotel_default, $gDatabase, $request, $sess, $errorhandler;
$query = sprintf("SELECT fieldtype, default_name " . "FROM {$tbl_default} " . "WHERE pk_default_id = %s ", $id);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'defaultdata::setfield()', $query);
} else {
$fieldname = MetabaseFetchResult($gDatabase, $result, 0, 1);
if (MetabaseFetchResult($gDatabase, $result, 0, 0) == "int") {
$field = "integer_value";
$inputvalue = MetabaseGetTextFieldValue($gDatabase, $value);
} else {
if (MetabaseFetchResult($gDatabase, $result, 0, 0) == "boolean") {
$field = "boolean_value";
$inputvalue = MetabaseBooleanFieldValue($gDatabase, $value);
} else {
if (MetabaseFetchResult($gDatabase, $result, 0, 0) == "date") {
$field = "datetime_value";
$inputvalue = MetabaseGetTextFieldValue($gDatabase, $value);
} else {
$field = "string_value";
$inputvalue = MetabaseGetTextFieldValue($gDatabase, $value);
}
}
}
$query = sprintf("SELECT updated_date " . "FROM {$tbl_hotel_default} " . "WHERE pk_fk_hotel_id = %s " . "AND pk_fk_default_id = %s ", $request->GetVar('hotelid', 'session'), $id);
$result = MetabaseQuery($gDatabase, $query);
$rows = MetabaseNumberOfRows($gDatabase, $result);
if ($rows == 0) {
$query = sprintf("INSERT INTO {$tbl_hotel_default} " . "(pk_fk_hotel_id, pk_fk_default_id, {$field}, " . "fk_inserted_user_id, inserted_date) " . "VALUES (%s, %s, %s, %s, NOW()) ", $request->GetVar('hotelid', 'session'), $id, $inputvalue, $request->GetVar('uid', 'session'));
} else {
$query = sprintf("UPDATE {$tbl_hotel_default} " . "SET {$field} = %s, " . "fk_updated_user_id = %s, " . "updated_date = NOW(), " . "WHERE pk_fk_hotel_id = %s " . "AND pk_fk_default_id = %s ", $inputvalue, $request->GetVar('uid', 'session'), $request->GetVar('hotelid', 'session'), $id);
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'defaultdata::setfield()', $query);
} else {
$sess->SetVar($fieldname, $value);
}
}
}
/**
* Timetracker::saveupdate()
*
* save a new timespan or update an existing one
*
* @return number timetracker id
* @access public
* @since 2004-10-13
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase, $request, $tbl_timetracker, $errorhandler;
$timetrackerid = $request->GetVar('frm_timetrackerid', 'post');
$start = $request->GetVar('frm_thestart', 'post');
$start = explode(".", $start);
$start = $start[2] . "-" . $start[1] . "-" . $start[0] . " " . $request->GetVar('frm_starttime', 'post');
$end = $request->GetVar('frm_theend', 'post');
$end = explode(".", $end);
$end = $end[2] . "-" . $end[1] . "-" . $end[0] . " " . $request->GetVar('frm_endtime', 'post');
// update
if ($timetrackerid !== '0') {
$query = sprintf("UPDATE {$tbl_timetracker} SET \n\t\t\t\t\t\t\t start_date = %s, \n\t\t\t\t\t\t\t end_date = %s,\n\t\t\t\t\t\t\t updated_date = NOW(),\n\t\t\t\t\t\t\t fk_updated_user_id = %s\n\t\t\t\t\t\t\t WHERE pk_timetracker_id = %s ", MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), $request->GetVar('frm_employee', 'post'), $timetrackerid);
} else {
// new
$name = "zvs_pk_timetracker_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$timetrackerid);
$query = sprintf("INSERT INTO {$tbl_timetracker}\n\t\t\t\t\t\t\t (pk_timetracker_id, fk_employee_id, start_date, end_date, inserted_date, fk_inserted_user_id )\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, NOW(), %s )", $timetrackerid, $request->GetVar('frm_employee', 'post'), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), $request->GetVar('frm_employee', 'post'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Timetracker::saveupdate()', $query);
} else {
return $timetrackerid;
}
}
} else {
if ($request->GetVar('frm_step', 'post') == "savedays") {
$start = $request->GetVar('frm_start', 'post');
$starttmp = date("Y-m-d", $start);
$days = $request->GetVar('frm_days', 'post');
$end = strtotime("{$starttmp} + {$days} days");
// transaction control
$auto_commit = false;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
$query = sprintf("UPDATE {$tbl_booking} SET end_date = %s, updated_date = NOW(), fk_updated_user_id = %s WHERE pk_booking_id = %s ", MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $end)), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('uid', 'session')), MetabaseGetTextFieldValue($gDatabase, $bookid));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'editbook.php', $query);
} else {
$query = sprintf("UPDATE {$tbl_booking_detail} SET end_date = %s, updated_date = NOW(), fk_updated_user_id = %s WHERE pk_booking_detail_id = %s ", MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $end)), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('uid', 'session')), MetabaseGetTextFieldValue($gDatabase, $bookingdetailid));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'editbook.php', $query);
} else {
$success = MetabaseCommitTransaction($gDatabase);
// end transaction
$auto_commit = true;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
}
}
} else {
$smarty->assign('tpl_step', '0');
$smarty->assign('tpl_emailconfirmation', $booking->emailConfirmation($bookid));
$firstpage = true;
/**
* price::savedraft()
*
* save draft receipt
*
* @return $draftreceiptid draft receipt id
* @access public
* @since 2004-04-18
* @author Christian Ehret <*****@*****.**>
*/
function savedraft()
{
global $gDatabase, $tbl_draftreceipt, $tbl_draftreceipt_booking, $tbl_draftreceipt_item, $tbl_account, $errorhandler, $request;
$auto_commit = false;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
$receipt = array();
$doneitems = array();
$commissionids = array();
$commissionids = $request->GetVar('frm_commissionid', 'post');
$receipt = $this->recalculate($request->GetVar('frm_bookid', 'post'), $request->GetVar('length_short_stay', 'session'), $request->GetVar('frm_guestid', 'post'));
$receiptdate = explode(".", $receipt[data][receipt_date]);
$strreceiptdate = $receiptdate[2] . "-" . $receiptdate[1] . "-" . $receiptdate[0];
if ($request->GetVar('frm_bookids', 'post') !== $request->undefined) {
$bookids = $request->GetVar('frm_bookids', 'post');
} else {
$bookids = array($request->GetVar('frm_bookid', 'post'));
}
for ($i = 0; $i < count($receipt[data][start_date]); $i++) {
$start = explode(".", $receipt[data][start_date][$i]);
$strstart[$i] = $start[2] . "-" . $start[1] . "-" . $start[0];
$end = explode(".", $receipt[data][end_date][$i]);
$strend[$i] = $end[2] . "-" . $end[1] . "-" . $end[0];
}
if ($receipt[data][draftreceiptid] != -1 && $receipt[data][draftreceiptid] != "") {
$draftreceiptid = $receipt[data][draftreceiptid];
$query = sprintf("UPDATE {$tbl_draftreceipt} SET\n\t\t\t\t\t\t\t fk_guest_id = %s,\n\t\t\t\t\t\t\t address = %s,\n\t\t\t\t\t\t \t receipt_date = %s, \n\t\t\t\t\t\t\t sum_netto = %s, \n\t\t\t\t\t\t\t sum_brutto = %s, \n\t\t\t\t\t\t \t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s\n\t\t\t\t\t\t\t WHERE pk_draftreceipt_id = %s", $receipt[data][guestid], MetabaseGetTextFieldValue($gDatabase, $receipt[data][address]), MetabaseGetTextFieldValue($gDatabase, $strreceiptdate), $receipt[data][price_netto_total], $receipt[data][price_total], $request->GetVar('uid', 'session'), $draftreceiptid);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
} else {
for ($i = 0; $i < count($bookids); $i++) {
$query = sprintf("UPDATE {$tbl_draftreceipt_booking}\n\t\t\t\t\t\t\t\t SET start_date = %s, end_date = %s\n\t\t\t\t\t\t\t\t WHERE pk_fk_draftreceipt_id = %s AND pk_fk_booking_id = %s", MetabaseGetTextFieldValue($gDatabase, $strstart[$i]), MetabaseGetTextFieldValue($gDatabase, $strend[$i]), $draftreceiptid, $bookids[$i]);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
}
}
// get all items which are in the system
$query = "SELECT pk_draftreceipt_item_id FROM {$tbl_draftreceipt_item} WHERE fk_draftreceipt_id = " . $receipt[data][draftreceiptid];
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
} else {
$olditems = array();
for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) {
$olditems[$row] = MetabaseFetchResult($gDatabase, $result, $row, 0);
}
for ($i = 0; $i < count($receipt[items]); ++$i) {
// is a new one
if ($receipt[items][$i][itemid] == -1 || !in_array($receipt[items][$i][itemid], $olditems)) {
$name = "zvs_pk_draftreceipt_item_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$draftreceiptitemid);
$query = sprintf("INSERT INTO {$tbl_draftreceipt_item}\n\t\t\t\t\t\t\t (pk_draftreceipt_item_id, fk_draftreceipt_id, article, amount,\n\t\t\t\t\t\t\t price_netto, price_brutto, mwst, \n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, NOW(), %s )", $draftreceiptitemid, $draftreceiptid, MetabaseGetTextFieldValue($gDatabase, $receipt[items][$i][article]), $receipt[items][$i][number], $receipt[items][$i][netto_single], $receipt[items][$i][brutto_single], $receipt[items][$i][mwst], $request->GetVar('uid', 'session'));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
}
} else {
array_push($doneitems, $receipt[items][$i][itemid]);
$query = sprintf("UPDATE {$tbl_draftreceipt_item} SET\n\t\t\t\t\t\t\t\t\t article = %s, \n\t\t\t\t\t\t\t\t\t amount = %s,\n\t\t\t\t\t\t\t \t\t price_netto = %s, \n\t\t\t\t\t\t\t\t\t price_brutto = %s, \n\t\t\t\t\t\t\t\t\t mwst = %s, \n\t\t\t\t\t\t\t \t\t updated_date = NOW(), \n\t\t\t\t\t\t\t\t\t fk_updated_user_id = %s\n\t\t\t\t\t\t\t\t\t WHERE pk_draftreceipt_item_id = %s", MetabaseGetTextFieldValue($gDatabase, $receipt[items][$i][article]), $receipt[items][$i][number], $receipt[items][$i][netto_single], $receipt[items][$i][brutto_single], $receipt[items][$i][mwst], $request->GetVar('uid', 'session'), $receipt[items][$i][itemid]);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
}
}
}
// set deleted items delted
$deleteitems = array_values(array_diff($olditems, $doneitems));
for ($i = 0; $i < count($deleteitems); $i++) {
$query = sprintf("UPDATE {$tbl_draftreceipt_item} SET\n\t\t\t\t\t\t\t\t\t\tdeleted_date = NOW(),\n\t\t\t\t\t\t\t\t\t\tfk_deleted_user_id = %s\n\t\t\t\t\t\t\t\t\t\tWHERE pk_draftreceipt_item_id = %s ", $request->GetVar('uid', 'session'), $deleteitems[$i]);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
}
}
}
}
} else {
$name = "zvs_pk_draftreceipt_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$draftreceiptid);
$query = sprintf("INSERT INTO {$tbl_draftreceipt}\n\t\t\t\t\t\t (pk_draftreceipt_id, fk_guest_id, address,\n\t\t\t\t\t\t receipt_date, sum_netto, sum_brutto, \n\t\t\t\t\t\t inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, NOW(), %s )", $draftreceiptid, $receipt[data][guestid], MetabaseGetTextFieldValue($gDatabase, $receipt[data][address]), MetabaseGetTextFieldValue($gDatabase, $strreceiptdate), $receipt[data][price_netto_total], $receipt[data][price_total], $request->GetVar('uid', 'session'));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
} else {
for ($i = 0; $i < count($bookids); $i++) {
$query = sprintf("INSERT INTO {$tbl_draftreceipt_booking}\n\t\t\t\t\t\t\t\t (pk_fk_draftreceipt_id, pk_fk_booking_id, start_date, end_date)\n\t\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s)", $draftreceiptid, $bookids[$i], MetabaseGetTextFieldValue($gDatabase, $strstart[$i]), MetabaseGetTextFieldValue($gDatabase, $strend[$i]));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
}
}
$sum = $receipt[data][price_total];
for ($k = 0; $k <= count($commissionids); ++$k) {
if ($commissionids[$k] != "") {
$query = sprintf("SELECT amount FROM {$tbl_account}\n\t\t\t\t\t\t\t\t\t WHERE pk_account_id = %s", $commissionids[$k]);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
} elseif (MetabaseNumberOfRows($gDatabase, $result) > 0) {
$sum += MetabaseFetchResult($gDatabase, $result, 0, 0) * -1;
}
}
}
for ($i = 0; $i < count($receipt[items]); ++$i) {
$name = "zvs_pk_draftreceipt_item_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$draftreceiptitemid);
$query = sprintf("INSERT INTO {$tbl_draftreceipt_item}\n\t\t\t\t\t\t\t (pk_draftreceipt_item_id, fk_draftreceipt_id, article, amount,\n\t\t\t\t\t\t\t price_netto, price_brutto, mwst, \n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, NOW(), %s )", $draftreceiptitemid, $draftreceiptid, MetabaseGetTextFieldValue($gDatabase, $receipt[items][$i][article]), $receipt[items][$i][number], $receipt[items][$i][netto_single], $receipt[items][$i][brutto_single], $receipt[items][$i][mwst], $request->GetVar('uid', 'session'));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Receipt::savedraft()', $query);
}
}
}
}
$success = MetabaseCommitTransaction($gDatabase);
// end transaction
$auto_commit = true;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
return $draftreceiptid;
}
/**
* User::saveupdate()
*
* Save user as new or update existing one
*
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase2, $request, $tbl_user, $errorhandler;
$userid = $request->GetVar('frm_userid', 'post');
// update
if ($userid !== '0') {
$query = sprintf("UPDATE {$tbl_user} SET \n\t\t\t\t\t\t\t fk_hotel_id = %s,\n\t\t\t\t\t\t\t fk_group_id = %s,\n\t\t\t lastname = %s, \n\t\t\t\t\t\t\t firstname = %s,\n\t\t\t\t\t\t\t login = %s,\n\t\t\t\t\t\t\t password = %s,\n\t\t\t\t\t\t\t locked = %s,\n\t\t\t\t\t\t\t fk_language_id = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_user_id = %s ", $request->GetVar('hotelid', 'session'), $request->GetVar('frm_group', 'post'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), 1, $request->GetVar('uid', 'session'), $userid);
} else {
// new
$name = "zvs_pk_user_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase2, $name, &$userid);
$query = sprintf("INSERT INTO {$tbl_user}\n\t\t\t (pk_user_id, fk_hotel_id, fk_group_id, lastname, firstname, login, password, locked, fk_language_id, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s, NOW(), %s )", $userid, $request->GetVar('hotelid', 'session'), $request->GetVar('frm_group', 'post'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), 1, $request->GetVar('uid', 'session'), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase2, $query);
if (!$result) {
$errorhandler->display('SQL', 'User::saveupdate()', $query);
}
}
/**
* RoomCategory::get()
*
* This function returns all categories of a price_type.
*
* @param char $price_type price type
* @return array categories
* @access public
* @since 2004-03-20
* @author Christian Ehret <*****@*****.**>
*/
function get($price_type)
{
global $gDatabase, $tbl_roomcat, $errorhandler, $request;
$cat = array();
$query = sprintf("SELECT pk_roomcat_id, roomcat, price_type \n\t\t\t\t FROM {$tbl_roomcat} \n\t\t\t\t WHERE ISNULL(fk_deleted_user_id) \n\t\t\t\t AND price_type = %s\n\t\t\t\t ORDER BY roomcat", MetabaseGetTextFieldValue($gDatabase, $price_type));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'RoomCategory::get()', $query);
} else {
$row = 0;
for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) {
$color = 0;
$articles = "";
if ($row % 2 != 0) {
$color = 1;
}
$cat[$row] = array('catid' => MetabaseFetchResult($gDatabase, $result, $row, 0), 'name' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'price_type' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'color' => $color);
}
}
return $cat;
}
/**
* article::addroom()
*
* add the link to a roomcategory
*
* @param number $roomcatid room category id
* @param number $articleid article id
* @param enum $pricetype price type PP or PR
* @param boolean $included price included in room or not
* @access public
* @since 2004-03-07
* @author Christian Ehret <*****@*****.**>
*/
function addroom($roomcatid, $articleid, $pricetype, $included)
{
global $gDatabase, $request, $tbl_roomcat_article, $errorhandler;
$person = false;
$children = false;
if ($request->GetVar('frm_person', 'post') == 'true') {
$person = true;
}
if ($request->GetVar('frm_children', 'post') == 'true') {
$children = true;
}
if ($request->GetVar('frm_children2', 'post') == 'true') {
$children2 = true;
}
if ($request->GetVar('frm_children3', 'post') == 'true') {
$children3 = true;
}
$query = sprintf("SELECT pk_fk_article_id \n\t\t\t\t\t\t FROM {$tbl_roomcat_article}\n\t\t\t\t\t\t WHERE pk_fk_roomcat_id = %s \n\t\t\t\t AND pk_fk_article_id = %s", $roomcatid, $articleid);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Article::addroom()', $query);
} elseif (MetabaseNumberOfRows($gDatabase, $result) == 0) {
$query = sprintf("INSERT INTO {$tbl_roomcat_article}\n\t\t\t\t \t\t (pk_fk_roomcat_id, pk_fk_article_id, price_type,\n\t\t\t\t\t\t person, children, children2, children3, included)\n\t\t\t\t\t\t VALUES (%s,%s, %s, %s, %s, %s, %s, %s)", $roomcatid, $articleid, MetabaseGetTextFieldValue($gDatabase, $pricetype), MetabaseGetBooleanFieldValue($gDatabase, $person), MetabaseGetBooleanFieldValue($gDatabase, $children), MetabaseGetBooleanFieldValue($gDatabase, $children2), MetabaseGetBooleanFieldValue($gDatabase, $children3), MetabaseGetBooleanFieldValue($gDatabase, $included));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Article::addroom()', $query);
}
} else {
$query = sprintf("UPDATE {$tbl_roomcat_article} SET\n\t\t\t\t\t\t price_type = %s,\n\t\t\t\t\t\t person = %s, \n\t\t\t\t\t\t children = %s, \n\t\t\t\t\t\t children2 = %s, \n\t\t\t\t\t\t children3 = %s,\n\t\t\t\t\t\t included = %s\n\t\t\t\t\t\t WHERE pk_fk_roomcat_id = %s \n\t\t\t\t\t\t AND pk_fk_article_id = %s ", MetabaseGetTextFieldValue($gDatabase, $pricetype), MetabaseGetBooleanFieldValue($gDatabase, $person), MetabaseGetBooleanFieldValue($gDatabase, $children), MetabaseGetBooleanFieldValue($gDatabase, $children2), MetabaseGetBooleanFieldValue($gDatabase, $children3), MetabaseGetBooleanFieldValue($gDatabase, $included), $roomcatid, $articleid);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Article::addroom()', $query);
}
}
}
/**
* account::book()
*
* book
*
* @param integer $guestid guest id
* @param integer $bookingid booking id
* @param datetime $dateofpayment date of payment
* @param text $description description
* @param number $amount amount
* @param integer $paycatid paycat id
* @param integer $receiptid receipt it (-1 if no receipt)
* @access public
* @since 2004-03-10
* @author Christian Ehret <*****@*****.**>
*/
function book($guestid, $bookingid, $dateofpayment, $description, $amount, $paycatid, $receiptid, $on_receipt)
{
global $gDatabase, $tbl_account, $tbl_booking, $errorhandler, $request;
$name = "zvs_pk_account_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$accountid);
if (($on_receipt === true || $on_receipt == 'true') && $receiptid != -1) {
$on_receipt = true;
} else {
$on_receipt = false;
}
list($day, $month, $year) = split('[.]', $dateofpayment);
$dateofpayment = mktime(0, 0, 0, $month, $day, $year);
if ($receiptid == -1) {
$query = sprintf("INSERT INTO {$tbl_account}\n\t\t\t\t\t\t\t (pk_account_id, fk_guest_id, fk_booking_id, date_payment, description, amount,\n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id, fk_paycat_id, on_receipt)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, NOW(), %s, %s, %s )", $accountid, $guestid, $bookingid, MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $dateofpayment)), MetabaseGetTextFieldValue($gDatabase, $description), $amount, $request->GetVar('uid', 'session'), $paycatid, MetabaseGetBooleanFieldValue($gDatabase, $on_receipt));
} else {
$query = sprintf("INSERT INTO {$tbl_account}\n\t\t\t\t\t\t\t (pk_account_id, fk_guest_id, fk_booking_id, date_payment, description, amount, \n\t\t\t\t\t\t\t fk_receipt_id, allocated,\n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id, fk_paycat_id, on_receipt)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s, %s, %s )", $accountid, $guestid, $bookingid, MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $dateofpayment)), MetabaseGetTextFieldValue($gDatabase, $description), $amount, $receiptid, MetabaseGetBooleanFieldValue($gDatabase, true), $request->GetVar('uid', 'session'), $paycatid, MetabaseGetBooleanFieldValue($gDatabase, $on_receipt));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Account::book()', $query);
} else {
$this->setStatus($receiptid, $bookingid);
/*
$receiptsum = $this->getReceiptSum($receiptid);
$receiptsum = $receiptsum['sum'];
$query = "SELECT booking_type FROM $tbl_booking
WHERE pk_booking_id = $bookingid";
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Account::book()', $query);
} else {
if (MetabaseFetchResult($gDatabase, $result, 0, 0) == 'R') {
if ($receiptsum <= 0 && $receiptid != -1) {
$type = 'P';
} else {
$type = 'B';
}
$query = sprintf("UPDATE $tbl_booking
SET booking_type = %s
WHERE pk_booking_id = %s",
MetabaseGetTextFieldValue($gDatabase, $type),
$bookingid
);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Account::book()', $query);
}
} elseif (MetabaseFetchResult($gDatabase, $result, 0, 0) == 'B') {
if ($receiptsum <= 0 && $receiptid != -1) {
$query = sprintf("UPDATE $tbl_booking
SET booking_type = %s
WHERE pk_booking_id = %s",
MetabaseGetTextFieldValue($gDatabase, 'P'),
$bookingid
);
print $query;
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Account::book()', $query);
}
}
}
}
*/
}
}
break;
}
}
if ($success && $pass) {
$passed++;
echo "OK.{$eol}";
}
}
if (isset($tests["escapesequences"]) && $success) {
$test = "escapesequences";
echo "Testing escaping text values with special characters... ";
flush();
$pass = 1;
$test_strings = array("'", "\"", "\\", "%", "_", "''", "\"\"", "\\\\", "\\'\\'", "\\\"\\\"");
for ($string = 0; $string < count($test_strings); $string++) {
$value = MetabaseGetTextFieldValue($database, $test_strings[$string]);
if (!MetabaseQuery($database, "DELETE FROM users") || !MetabaseQuery($database, "INSERT INTO users (user_name,user_password,user_id) VALUES ({$value},{$value},0)") || !($result = MetabaseQuery($database, "SELECT user_name,user_password FROM users"))) {
$success = 0;
} else {
if (MetabaseEndOfResult($database, $result)) {
$pass = 0;
echo "FAILED!{$eol}";
$failed++;
echo "Test {$test}: the query result seems to have reached the end of result earlier than expected{$eol}";
} else {
$field = "user_name";
if (strcmp($value = MetabaseFetchResult($database, $result, 0, $field), $test_strings[$string])) {
$pass = 0;
echo "FAILED!{$eol}";
$failed++;
echo "Test {$test}: the value retrieved for field \"{$field}\" (\"{$value}\") doesn't match what was stored (" . $test_strings[$string] . "){$eol}";
echo "Testing autoincrement fields... ";
flush();
$pass = 1;
$table = "articles";
if (!MetabaseQuery($database, "DELETE FROM {$table}")) {
$success = 0;
} else {
$title = "Some 'title'";
$body = "NULL";
$author = 1000;
$score = 2.5E-5;
$omit = MetabaseSupport($database, "OmitInsertKey");
if (($omit || MetabaseGetNextKey($database, $table, $key)) && MetabaseQuery($database, "INSERT INTO {$table} (" . ($omit ? "" : "id, ") . "title, body, author, score) VALUES(" . ($omit ? "" : $key . ", ") . MetabaseGetTextFieldValue($database, $title . " - 0") . ", NULL, " . $author . ", " . MetabaseGetFloatFieldValue($database, $score) . ")") && MetabaseGetInsertedKey($database, $table, $start_id)) {
$rows = 3;
for ($id = $start_id + 1; $id < $start_id + $rows; $id++) {
if (($omit || MetabaseGetNextKey($database, $table, $key)) && MetabaseQuery($database, "INSERT INTO {$table} (" . ($omit ? "" : "id, ") . "title, body, author, score) VALUES(" . ($omit ? "" : $key . ", ") . MetabaseGetTextFieldValue($database, $title . " - " . strval($id - $start_id)) . ", NULL, " . ($author + $id - $start_id) . ", " . MetabaseGetFloatFieldValue($database, $score * pow(10, $id - $start_id)) . ")") && MetabaseGetInsertedKey($database, $table, $inserted_id)) {
if ($inserted_id != $id) {
$pass = 0;
echo "FAILED!{$eol}";
$failed++;
echo "Test {$test}: inserted autoincrement key is {$inserted_id} and not {$id} as expected{$eol}";
break;
}
} else {
$success = 0;
break;
}
}
if ($success && $pass) {
$types = array("integer", "text");
if (MetabaseQueryAll($database, "SELECT id, title, body, author, score FROM {$table} ORDER BY id", $records, $types)) {
/**
* season::saveupdate()
*
* save or update a season
*
* @return number season id
* @access public
* @since 2003-12-31
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase, $request, $tbl_season, $errorhandler;
$seasonid = $request->GetVar('frm_seasonid', 'post');
$startdate = explode(".", $request->GetVar('frm_start', 'post'));
$strstartdate = $startdate[2] . "-" . $startdate[1] . "-" . $startdate[0];
$enddate = explode(".", $request->GetVar('frm_end', 'post'));
$strenddate = $enddate[2] . "-" . $enddate[1] . "-" . $enddate[0];
// update
if ($seasonid !== '0') {
$query = sprintf("UPDATE {$tbl_season} SET \n\t\t\t name = %s, \n\t\t\t\t\t\t\t start_date = %s,\n\t\t\t\t\t\t\t end_date = %s, \n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_season_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $strstartdate), MetabaseGetTextFieldValue($gDatabase, $strenddate), $request->GetVar('uid', 'session'), $seasonid);
} else {
// new
$name = "zvs_pk_season_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$seasonid);
$query = sprintf("INSERT INTO {$tbl_season} \n\t\t\t (pk_season_id, name, start_date, end_date, inserted_date, fk_inserted_user_id )\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, NOW(), %s )", $seasonid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $strstartdate), MetabaseGetTextFieldValue($gDatabase, $strenddate), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Season::saveupdate()', $query);
} else {
return $seasonid;
}
}
/**
* Category::saveupdate()
*
* Save category as new or update existing
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase, $request, $tbl_guestcat, $errorhandler;
$catid = $request->GetVar('frm_catid', 'post');
// update
if ($catid !== '0') {
$query = sprintf("UPDATE {$tbl_guestcat} SET " . "guestcat = %s, " . "description = %s, " . "updated_date = NOW(), " . "fk_updated_user_id = %s " . "WHERE pk_guestcat_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_cat', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('uid', 'session'), $catid);
} else {
// new
$name = "zvs_pk_guestcat_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$catid);
$query = sprintf("INSERT INTO {$tbl_guestcat}" . "(pk_guestcat_id, guestcat, description, inserted_date, fk_inserted_user_id )" . "VALUES (%s, %s, %s, NOW(), %s)", $catid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_cat', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'GuestCategory::saveupdate()', $query);
}
}
/**
* Article::saveupdatePeriod
*
* Save period as new or update existing one
*
* @access public
* @since 2004-12-13
* @author Christian Ehret <*****@*****.**>
*/
function saveupdatePeriod()
{
global $gDatabase, $request, $tbl_period, $tbl_bararticle, $errorhandler;
$periodid = $request->GetVar('frm_theperiodid', 'post');
$active = false;
$auto_commit = false;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
if ($request->GetVar('frm_periodact', 'post') == 'true') {
$active = true;
$query = sprintf("UPDATE {$tbl_period} SET \n\t\t\t\t\t\t\t active = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s ", MetabaseGetBooleanFieldValue($gDatabase, false), $request->GetVar('uid', 'session'));
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query);
}
}
// update
if ($periodid !== '-1') {
$query = sprintf("UPDATE {$tbl_period} SET \n\t\t\t period = %s, \n\t\t\t\t\t\t\t active = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_period_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_perioddesc', 'post')), MetabaseGetBooleanFieldValue($gDatabase, $active), $request->GetVar('uid', 'session'), $periodid);
} else {
// new
$name = "zvs_pk_period_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$periodid);
$query = sprintf("INSERT INTO {$tbl_period}\n\t\t\t (pk_period_id, period, active, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, NOW(), %s, NULL, NULL )", $periodid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_perioddesc', 'post')), MetabaseGetBooleanFieldValue($gDatabase, $active), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query);
} else {
if ($request->GetVar('frm_cpyperiod', 'post') != -1) {
$query = "SELECT fk_bararticlecat_id, description, price, hotkey\n\t\t\t\t\t FROM {$tbl_bararticle} \n\t\t\t\t\t WHERE ISNULL(deleted_date) AND\n\t\t\t\t\t fk_period_id = " . $request->GetVar('frm_cpyperiod', 'post');
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query);
}
for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) {
$name = "zvs_pk_bararticle_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$bararticleid);
$query = sprintf("INSERT INTO {$tbl_bararticle} \n\t\t\t\t\t (pk_bararticle_id, fk_period_id, fk_bararticlecat_id,\n\t\t\t\t\t\t\t description, price, hotkey, inserted_date, \n\t\t\t\t\t\t\t fk_inserted_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, NOW(), %s) ", $bararticleid, $periodid, MetabaseFetchResult($gDatabase, $result, $row, 0), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 2)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 3)), $request->GetVar('uid', 'session'));
$result2 = MetabaseQuery($gDatabase, $query);
if (!$result2) {
$success = MetabaseRollbackTransaction($gDatabase);
$errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query);
}
}
}
$success = MetabaseCommitTransaction($gDatabase);
// end transaction
$auto_commit = true;
$success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit);
}
return $periodid;
}
/**
* Calendar::getExtensionTimes2()
*
* Get the dates the room is free before a date
*
* @param timestamp $date endday
* @param number $roomid Roomid
* @return array dates
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
*/
function getExtensionTimes2($date, $roomid)
{
global $tbl_booking_detail, $gDatabase, $errorhandler;
$query = sprintf("SELECT UNIX_TIMESTAMP(end_date), end_date \n\t\t FROM {$tbl_booking_detail} \n\t\t\t\t\t\t WHERE UNIX_TIMESTAMP(end_date) < %s \n\t\t\t\t\t\t AND fk_room_id = %s \n\t\t\t\t\t\t AND deleted_date IS NULL \n\t\t\t\t\t\t ORDER BY end_date DESC\n\t\t\t\t\t\t LIMIT 0,1 ", MetabaseGetTextFieldValue($gDatabase, $date), $roomid);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Calendar::$this->getExtensionTimes2()', $query);
} else {
$rows = MetabaseNumberOfRows($gDatabase, $result);
if ($rows > 0) {
$freenights = round(($date - MetabaseFetchResult($gDatabase, $result, 0, 0)) / 86400);
$starttmp = date("Y-m-d", MetabaseFetchResult($gDatabase, $result, 0, 0));
} else {
$freenights = 100;
$starttmp = date("Y-m-d", mktime(8, 0, 0, date("m", $date), date("d", $date) - $freenights, date("Y", $date)));
}
$days = array();
$nights = $freenights;
for ($i = 0; $i < $freenights && $i < 100; ++$i) {
$j = $i;
$days[$i]["count"] = $j;
$days[$i]["date"] = date("D, d. m. Y", strtotime("{$starttmp} + {$j} days"));
if ($nights > 1) {
$days[$i]["date"] .= " ({$nights} Nächte)";
} else {
$days[$i]["date"] .= " ({$nights} Nacht)";
}
$days[$i]["thedate"] = strtotime("{$starttmp} + {$j} days");
$nights -= 1;
}
return $days;
}
}
/**
* bcat::saveupdate()
*
* save or update a booking category
*
* @return number booking category id
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
*/
function saveupdate()
{
global $gDatabase, $request, $tbl_bookingcat, $errorhandler;
$bcatid = $request->GetVar('frm_bcatid', 'post');
// update
if ($bcatid !== '0') {
$query = sprintf("UPDATE {$tbl_bookingcat} SET \n\t\t\t\t\t\t\t bookingcat = %s, \n\t\t\t\t\t\t\t color = %s, \n\t\t\t\t\t\t\t description = %s, \n\t\t\t\t\t\t\t days = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_bookingcat_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_color', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('frm_days', 'post'), $request->GetVar('uid', 'session'), $bcatid);
} else {
// new
$name = "zvs_pk_bookingcat_id";
$sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$bcatid);
$query = sprintf("INSERT INTO {$tbl_bookingcat}\n\t\t\t\t\t\t\t (pk_bookingcat_id, bookingcat, color, description, days, inserted_date, fk_inserted_user_id )\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, NOW(), %s )", $bcatid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_color', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('frm_days', 'post'), $request->GetVar('uid', 'session'));
}
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'BookingCategory::saveupdate()', $query);
} else {
return $bcatid;
}
}
/**
* Booking::linkGuestAddress()
*
* link the addresses form one guest to another
*
* @param number $guestid id of source guest
* @param number $guestid id of second guest
* @access public
* @since 2003-07-24
* @author Christian Ehret <*****@*****.**>
*/
function linkGuestAddress($guestid, $guestid2)
{
global $tbl_guest_address, $gDatabase, $errorhandler, $request;
$query = sprintf("SELECT pk_fk_address_id, address_type, default_address\n\t\t\t\t\t\t FROM {$tbl_guest_address} \n\t\t WHERE pk_fk_guest_id = %s", $guestid);
$result = MetabaseQuery($gDatabase, $query);
if (!$result) {
$errorhandler->display('SQL', 'Booking::linkGuestAddress()', $query);
} else {
for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) {
$query = sprintf("INSERT INTO {$tbl_guest_address} \n\t\t\t\t\t\t\t\t(pk_fk_guest_id, pk_fk_address_id, address_type, default_address)\n\t\t\t\t\t\t\t\tVALUES (%s, %s, %s, %s)", $guestid2, MetabaseFetchResult($gDatabase, $result, $row, 0), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 2)));
$result2 = MetabaseQuery($gDatabase, $query);
if (!$result2) {
$errorhandler->display('SQL', 'Booking::linkGuestAddress()', $query);
}
}
}
}
