public function upgrade($version, $authneeded = true)
{
if ($authneeded) {
$auth = new Auth();
if (!$auth->isLoggedIn() || !$auth->isAdmin()) {
return "Must be logged in as admin";
}
}
$path = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . "library/installer/schemas/update" . $version . ".sql";
if (!file_exists($path)) {
return "Schema does not exist";
}
$settings = WposAdminSettings::getSettingsObject('general');
if (floatval($settings->version) >= floatval($version)) {
return "Db already at the latest version";
}
$sql = file_get_contents($path);
try {
$result = $this->db->_db->exec($sql);
/*if ($result===false){
echo $this->db->_db->errorInfo()[0];
}*/
switch ($version) {
case "1.0":
// set sales type & channel
$sql = "UPDATE `sales` SET `type`='sale', `channel`='pos';";
if ($this->db->_db->exec($sql) === false) {
return $this->db->_db->errorInfo()[0];
}
// set payment dt to process dt and update sales json with extra params
$sql = "SELECT * FROM `sales`;";
$sales = $this->db->select($sql, []);
foreach ($sales as $sale) {
$data = json_decode($sale['data']);
$data->id = $sale['id'];
$data->balance = 0.0;
$data->dt = $sale['dt'];
$data->status = $sale['status'];
if ($data == false) {
die("Prevented null data entry");
}
$sql = "UPDATE `sales` SET `data`=:data WHERE `id`=:saleid";
$this->db->update($sql, [":data" => json_encode($data), ":saleid" => $sale['id']]);
$sql = "UPDATE `sale_payments` SET `processdt=:processdt WHERE `saleid`=:saleid";
$this->db->update($sql, [":processdt" => $sale['processdt'], ":saleid" => $sale['id']]);
}
// update config, add google keys
WposAdminSettings::putValue('general', 'version', '1.0');
WposAdminSettings::putValue('general', 'gcontact', 0);
WposAdminSettings::putValue('general', 'gcontacttoken', '');
WposAdminSettings::putValue('pos', 'priceedit', 'blank');
// copy new templates
copy($_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . 'docs-template/templates', $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . 'docs/');
break;
case "1.1":
WposAdminSettings::putValue('general', 'version', '1.1');
break;
case "1.2":
// update item tax values
$sql = "SELECT * FROM `sale_items`;";
$items = $this->db->select($sql, []);
foreach ($items as $item) {
if (is_numeric($item['tax'])) {
$taxdata = new stdClass();
$taxdata->values = new stdClass();
$taxdata->inclusive = true;
if ($item['tax'] > 0) {
$taxdata->values->{"1"} = $item['tax'];
$taxdata->total = $item['tax'];
} else {
$taxdata->total = 0;
}
$sql = "UPDATE `sale_items` SET `tax`=:tax WHERE `id`=:id";
$this->db->update($sql, [":tax" => json_encode($taxdata), ":id" => $item['id']]);
} else {
echo "Item record " . $item['id'] . " already updated, skipping item table update...<br/>";
}
}
// remove the "notax taxdata field, update gst to id=1"
$sql = "SELECT * FROM `sales`;";
$sales = $this->db->select($sql, []);
foreach ($sales as $sale) {
$needsupdate = false;
$data = json_decode($sale['data']);
if ($data == false) {
die("Prevented null data entry");
}
if (isset($data->taxdata->{"1"}) && $data->taxdata->{"1"} == 0) {
if (isset($data->taxdata->{"2"})) {
$data->taxdata->{"1"} = $data->taxdata->{"2"};
unset($data->taxdata->{"2"});
} else {
unset($data->taxdata->{"1"});
}
$needsupdate = true;
} else {
echo "Record " . $sale['id'] . " already updated, skipping sale taxdata update...<br/>";
}
foreach ($data->items as $skey => $sitem) {
if (is_numeric($sitem->tax)) {
$taxdata = new stdClass();
$taxdata->values = new stdClass();
$taxdata->inclusive = true;
if ($sitem->tax > 0) {
$taxdata->values->{"1"} = $sitem->tax;
$taxdata->total = $sitem->tax;
} else {
$taxdata->total = 0;
}
$data->items[$skey]->tax = $taxdata;
$needsupdate = true;
} else {
echo "Item record " . $sale['id'] . " already updated, skipping sale itemdata update...<br/>";
}
}
if ($needsupdate) {
$sql = "UPDATE `sales` SET `data`=:data WHERE `id`=:saleid";
$this->db->update($sql, [":data" => json_encode($data), ":saleid" => $sale['id']]);
}
}
// update stored item schema
$sql = "SELECT * FROM `stored_items`;";
$items = $this->db->select($sql, []);
$error = false;
foreach ($items as $item) {
if ($item['data'] == "") {
$id = $item['id'];
unset($item['id']);
$item['type'] = "general";
$item['modifiers'] = new stdClass();
$data = json_encode($item);
if ($data != false) {
$sql = "UPDATE `stored_items` SET `data`=:data WHERE `id`=:id";
if (!$this->db->update($sql, [":data" => $data, ":id" => $id])) {
$error = true;
}
}
}
}
if (!$error) {
$sql = "ALTER TABLE `stored_items` DROP `qty`, DROP `description`, DROP `taxid`;";
$this->db->update($sql, []);
}
// update devices schema
$sql = "SELECT * FROM `devices`;";
$devices = $this->db->select($sql, []);
foreach ($devices as $device) {
if ($device['data'] == "") {
$data = new stdClass();
$data->name = $device['name'];
$data->locationid = $device['locationid'];
$data->type = "general_register";
$data->ordertype = "terminal";
$data->orderdisplay = 1;
$data->kitchenid = 0;
$data = json_encode($data);
if ($data != false) {
$sql = "UPDATE `devices` SET `data`=:data WHERE `id`=:id";
$this->db->update($sql, [":data" => $data, ":id" => $device['id']]);
}
} else {
echo "Device record " . $device['id'] . " already updated, skipping sale itemdata update...<br/>";
}
}
WposAdminSettings::putValue('general', 'currencyformat', '$~2~.~,~0');
WposAdminSettings::putValue('general', 'version', '1.2');
}
// restart node server
$socket = new WposSocketControl();
$socket->restartSocketServer(['error' => 'OK']);
return "Update Completed Successfully!";
} catch (Exception $e) {
echo $this->db->_db->errorInfo()[0];
return $e->getMessage();
}
}
/**
* routes api calls and returns the result, allows for multiple API calls at once
* @param $action
* @param $data
* @param $result
* @return array|mixed
*/
function routeApiCall($action, $data, $result)
{
global $auth;
$notinprev = false;
// Check for action in unprotected area (does not require permission)
switch ($action) {
// POS Specific
case "config/get":
$setup = new WposPosSetup($data);
$result = $setup->getDeviceRecord($result);
break;
case "items/get":
$jsondata = new WposPosData();
$result = $jsondata->getItems($result);
break;
case "sales/get":
$jsondata = new WposPosData($data);
$result = $jsondata->getSales($result);
break;
case "tax/get":
$jsondata = new WposPosData();
$result = $jsondata->getTaxes($result);
break;
case "customers/get":
$jsondata = new WposPosData();
$result = $jsondata->getCustomers($result);
break;
case "devices/get":
$jsondata = new WposPosData();
$result = $jsondata->getPosDevices($result);
break;
case "locations/get":
$jsondata = new WposPosData();
$result = $jsondata->getPosLocations($result);
break;
case "orders/set":
$sale = new WposPosSale($data);
$result = $sale->setOrder($result);
break;
case "orders/remove":
$sale = new WposPosSale($data);
$result = $sale->removeOrder($result);
break;
case "sales/add":
$sale = new WposPosSale($data);
$result = $sale->insertTransaction($result);
break;
case "sales/void":
// also used for sale refunds
$sale = new WposPosSale($data, false);
$result = $sale->insertVoid($result);
break;
case "sales/search":
$sale = new WposPosData();
if (isset($data)) {
$result = $sale->searchSales($data, $result);
}
break;
case "sales/updatenotes":
$sale = new WposPosSale($data, false);
$result = $sale->updateTransationNotes($result);
break;
case "transactions/get":
$trans = new WposTransactions($data);
$result = $trans->getTransaction($result);
break;
default:
$notinprev = true;
}
if ($notinprev == false) {
// an action has been executed: return the data
return $result;
}
// Check if user is allowed to use this API request
if ($auth->isUserAllowed($action) === false) {
$result['errorCode'] = "priv";
$result['error'] = "You do not have permission to perform this action.";
return $result;
}
// Check in permission protected API calls
switch ($action) {
// admin only
// device setup
case "devices/setup":
$setup = new WposPosSetup($data);
$result = $setup->setupDevice($result);
break;
// stored items
// stored items
case "adminconfig/get":
$setupMdl = new WposPosSetup();
$result = $setupMdl->getAdminConfig($result);
break;
case "items/add":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->addStoredItem($result);
break;
case "items/edit":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->updateStoredItem($result);
break;
case "items/delete":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->deleteStoredItem($result);
break;
// suppliers
// suppliers
case "suppliers/get":
$jsondata = new WposPosData();
$result = $jsondata->getSuppliers($result);
break;
case "suppliers/add":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->addSupplier($result);
break;
case "suppliers/edit":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->updateSupplier($result);
break;
case "suppliers/delete":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->deleteSupplier($result);
break;
// suppliers
// suppliers
case "stock/get":
$jsondata = new WposPosData();
$result = $jsondata->getStock($result);
break;
case "stock/add":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->addStock($result);
break;
case "stock/set":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->setStockLevel($result);
break;
case "stock/transfer":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->transferStock($result);
break;
case "stock/history":
$stockMdl = new WposAdminStock($data);
$result = $stockMdl->getStockHistory($result);
break;
// customers
// customers
case "customers/add":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->addCustomer($result);
break;
case "customers/edit":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->updateCustomer($result);
break;
case "customers/delete":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->deleteCustomer($result);
break;
case "customers/contacts/add":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->addContact($result);
break;
case "customers/contacts/edit":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->updateContact($result);
break;
case "customers/contacts/delete":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->deleteContact($result);
break;
// TODO: Add to permissions
// TODO: Add to permissions
case "customers/setaccess":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->setAccess($result);
break;
case "customers/setpassword":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->setPassword($result);
break;
case "customers/sendreset":
$custMdl = new WposAdminCustomers($data);
$result = $custMdl->sendResetEmail($result);
break;
// End to-do
// USERS
// End to-do
// USERS
case "users/get":
$data = new WposPosData();
$result = $data->getUsers($result);
break;
case "users/add":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->addUser($result);
break;
case "users/edit":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->updateUser($result);
break;
case "users/delete":
$adminMdl = new WposAdminItems($data);
$result = $adminMdl->deleteUser($result);
break;
case "users/disable":
$setup = new WposAdminItems($data);
$result = $setup->setUserDisabled($result);
break;
// DEVICES
// DEVICES
case "devices/add":
$setup = new WposPosSetup($data);
$result = $setup->addDevice($result);
break;
case "devices/edit":
$setup = new WposPosSetup($data);
$result = $setup->updateDevice($result);
break;
case "devices/delete":
$setup = new WposPosSetup($data);
$result = $setup->deleteDevice($result);
break;
case "devices/disable":
$setup = new WposPosSetup($data);
$result = $setup->setDeviceDisabled($result);
break;
// LOCATIONS
// LOCATIONS
case "locations/add":
$setup = new WposPosSetup($data);
$result = $setup->addLocation($result);
break;
case "locations/edit":
$setup = new WposPosSetup($data);
$result = $setup->updateLocationName($result);
break;
case "locations/delete":
$setup = new WposPosSetup($data);
$result = $setup->deleteLocation($result);
break;
case "locations/disable":
$setup = new WposPosSetup($data);
$result = $setup->setLocationDisabled($result);
break;
// SALES (All transactions)
// SALES (All transactions)
case "sales/delete":
$aSaleMdl = new WposTransactions($data);
$result = $aSaleMdl->deleteSale($result);
break;
case "sales/deletevoid":
$aSaleMdl = new WposTransactions($data);
$result = $aSaleMdl->removeVoidRecord($result);
break;
case "sales/adminvoid":
// the admin add void method, only requires sale id and reason
$aSaleMdl = new WposTransactions($data);
$result = $aSaleMdl->voidSale($result);
break;
// INVOICES
// INVOICES
case "invoices/get":
$invMdl = new WposInvoices($data);
$result = $invMdl->getInvoices($result);
break;
case "invoices/add":
$invMdl = new WposInvoices($data);
$result = $invMdl->createInvoice($result);
break;
case "invoices/edit":
$invMdl = new WposInvoices($data);
$result = $invMdl->updateInvoice($result);
break;
case "invoices/delete":
$invMdl = new WposInvoices($data);
$result = $invMdl->removeInvoice($result);
break;
case "invoices/items/add":
$invMdl = new WposInvoices($data);
$result = $invMdl->addItem($result);
break;
case "invoices/items/edit":
$invMdl = new WposInvoices($data);
$result = $invMdl->updateItem($result);
break;
case "invoices/items/delete":
$invMdl = new WposInvoices($data);
$result = $invMdl->removeItem($result);
break;
case "invoices/payments/add":
$invMdl = new WposInvoices($data);
$result = $invMdl->addPayment($result);
break;
case "invoices/payments/edit":
$invMdl = new WposInvoices($data);
$result = $invMdl->updatePayment($result);
break;
case "invoices/payments/delete":
$invMdl = new WposInvoices($data);
$result = $invMdl->removePayment($result);
break;
case "invoices/history/get":
$invMdl = new WposTransactions($data);
$result = $invMdl->getTransactionHistory($result);
break;
case "invoices/generate":
$invMdl = new WposTransactions(null, $_REQUEST['id'], false);
$invMdl->generateInvoice();
break;
case "invoices/email":
$invMdl = new WposTransactions($data);
$result = $invMdl->emailInvoice($result);
break;
// STATS
// STATS
case "stats/general":
// general overview stats
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getOverviewStats($result);
break;
case "stats/takings":
// account takings stats, categorized by payment method
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getCountTakingsStats($result);
break;
case "stats/itemselling":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getWhatsSellingStats($result);
break;
case "stats/supplyselling":
// whats selling, grouped by suppliers
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getWhatsSellingStats($result, true);
break;
case "stats/stock":
// current stock levels
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getStockLevels($result);
break;
case "stats/devices":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getDeviceBreakdownStats($result);
break;
case "stats/locations":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getDeviceBreakdownStats($result, 'location');
break;
case "stats/users":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getDeviceBreakdownStats($result, 'user');
break;
case "stats/tax":
// whats selling, grouped by stored items
$statsMdl = new WposAdminStats($data);
$result = $statsMdl->getTaxStats($result);
break;
// GRAPH
// GRAPH
case "graph/general":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getOverviewGraph($result);
break;
case "graph/takings":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getMethodGraph($result);
break;
case "graph/devices":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getDeviceGraph($result);
break;
case "graph/locations":
// like the general stats, but in graph form/time.
$graphMdl = new WposAdminGraph($data);
$result = $graphMdl->getLocationGraph($result);
break;
// Admin/Global Config
// Admin/Global Config
case "settings/get":
$configMdl = new WposAdminSettings();
$configMdl->setName($data->name);
$result = $configMdl->getSettings($result);
break;
case "settings/general/get":
$configMdl = new WposAdminSettings();
$configMdl->setName("general");
$result = $configMdl->getSettings($result);
break;
case "settings/pos/get":
$configMdl = new WposAdminSettings();
$configMdl->setName("pos");
$result = $configMdl->getSettings($result);
break;
case "settings/invoice/get":
$configMdl = new WposAdminSettings();
$configMdl->setName("invoice");
$result = $configMdl->getSettings($result);
break;
case "settings/set":
$configMdl = new WposAdminSettings($data);
$result = $configMdl->saveSettings($result);
break;
case "settings/general/set":
$configMdl = new WposAdminSettings($data);
$configMdl->setName("general");
$result = $configMdl->saveSettings($result);
break;
case "settings/pos/set":
$configMdl = new WposAdminSettings($data);
$configMdl->setName("pos");
$result = $configMdl->saveSettings($result);
break;
case "settings/invoice/set":
$configMdl = new WposAdminSettings($data);
$configMdl->setName("invoice");
$result = $configMdl->saveSettings($result);
break;
case "settings/google/authinit":
GoogleIntegration::initGoogleAuth();
break;
case "settings/google/authremove":
GoogleIntegration::removeGoogleAuth();
break;
case "settings/xero/oauthinit":
XeroIntegration::initXeroAuth();
break;
case "settings/xero/oauthcallback":
XeroIntegration::processCallbackAuthCode();
break;
case "settings/xero/oauthremove":
XeroIntegration::removeXeroAuth();
break;
case "settings/xero/configvalues":
$result = XeroIntegration::getXeroConfigValues($result);
break;
case "settings/xero/export":
$result = XeroIntegration::exportXeroSales($data->stime, $data->etime);
break;
case "node/status":
$Sserver = new WposSocketControl();
$result = $Sserver->isServerRunning($result);
break;
case "node/start":
$Sserver = new WposSocketControl();
$result = $Sserver->startSocketServer($result);
break;
case "node/stop":
$Sserver = new WposSocketControl();
$result = $Sserver->stopSocketServer($result);
break;
case "node/restart":
$Sserver = new WposSocketControl();
$result = $Sserver->restartSocketServer($result);
break;
case "db/backup":
$util = new WposAdminUtilities();
$util->backUpDatabase();
break;
case "logs/list":
$result['data'] = Logger::ls();
break;
case "logs/read":
$result['data'] = Logger::read($data->filename);
break;
case "file/upload":
if (isset($_FILES['file'])) {
$uploaddir = 'docs';
$newpath = $uploaddir . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . $newpath) !== false) {
$result['data'] = ["path" => "/" . $newpath];
} else {
$result['error'] = "There was an error uploading the file " . $newpath;
}
} else {
$result['error'] = "No file selected";
}
break;
// device message
// device message
case "message/send":
$socket = new WposSocketIO();
if ($data->device === null) {
if (($error = $socket->sendBroadcastMessage($data->message)) !== true) {
$result['error'] = $error;
}
} else {
$devid = intval($data->device);
$devices = new stdClass();
$devices->{$devid} = $devid;
if (($error = $socket->sendMessageToDevices($devices, $data->message)) !== true) {
$result['error'] = $error;
}
}
break;
// device reset
// device reset
case "device/reset":
$socket = new WposSocketIO();
if ($data->device === null) {
if (($error = $socket->sendResetCommand()) !== true) {
$result['error'] = $error;
}
} else {
$devid = intval($data->device);
$devices = new stdClass();
$devices->{$devid} = $devid;
if (($error = $socket->sendResetCommand($devices)) !== true) {
$result['error'] = $error;
}
}
break;
default:
$result["error"] = "Action not defined: " . $action;
break;
}
return $result;
}
