/** * roomchangelist::getlist() * * This function returns a list of room changes. * * @param date $start start date * @param date $end end date * @return array guests * @access public * @since 2004-06-12 * @author Christian Ehret <*****@*****.**> */ function getlist($start, $end) { global $gDatabase, $tbl_booking, $tbl_room, $tbl_guest, $tbl_booking_detail, $tbl_bookingcat, $tbl_booking_detail_guest, $errorhandler; $bookings = array(); //$start = $start -1; $end = $end - 1; $query = "SELECT bd.end_date, DATE_FORMAT(bd.end_date, '%d.%m.%Y'), \n\t\t\t\t\t\t r.room, bd.fk_room_id " . sprintf("FROM {$tbl_booking} b, {$tbl_booking_detail} bd\n\t\t\t\t \t\t LEFT JOIN {$tbl_room} r ON r.pk_room_id = bd.fk_room_id\n\t\t\t\t\t\t WHERE (UNIX_TIMESTAMP(bd.end_date) BETWEEN %s AND %s) \n\t\t\t\t\t\t AND b.pk_booking_id = bd.fk_booking_id \n\t\t\t\t\t\t AND ISNULL(b.deleted_date) \n\t\t\t\t\t\t ORDER BY bd.end_date, r.room", MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Roomchangelist::getlist()', $query); } else { $row = 0; for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) { $color = 0; if ($row % 2 != 0) { $color = 1; } $enddate = MetabaseFetchResult($gDatabase, $result, $row, 0); $roomid = MetabaseFetchResult($gDatabase, $result, $row, 3); $query = "SELECT \n\t\t DATE_FORMAT(bd.start_date, '%d.%m.%Y'), \n\t\t\t\t \t\t bc.bookingcat,\n\t\t\t\t\t\t b.persons, b.children, b.children2, b.children3, b.booking_type,\n\t\t\t\t\t\t g.firstname, g.lastname, b.additional_info, DATE_FORMAT(bd.end_date, '%d.%m.%Y'),\n\t\t\t\t\t\t b.children0\n FROM {$tbl_booking} b, {$tbl_booking_detail} bd\n\t\t\t\t\t\t LEFT JOIN {$tbl_guest} g ON b.fk_guest_id = g.pk_guest_id\n\t\t\t\t \t\t LEFT JOIN {$tbl_room} r ON r.pk_room_id = bd.fk_room_id\n\t\t\t\t\t\t LEFT JOIN {$tbl_bookingcat} bc ON b.fk_bookingcat_id = bc.pk_bookingcat_id\n\t\t\t\t\t\t WHERE bd.fk_room_id = {$roomid} AND bd.start_date >= '{$enddate}'\n\t\t\t\t\t\t AND b.pk_booking_id = bd.fk_booking_id \n\t\t\t\t\t\t AND ISNULL(b.deleted_date) \n\t\t\t\t\t\t ORDER BY bd.start_date LIMIT 0,1"; $result2 = MetabaseQuery($gDatabase, $query); if (!$result2) { $errorhandler->display('SQL', 'Roomchangelist::getlist()', $query); } elseif (MetabaseNumberOfRows($gDatabase, $result2) == 1) { $bookings[$row] = array('enddate' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'room' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'color' => $color, 'startdate' => MetabaseFetchResult($gDatabase, $result2, 0, 0), 'bookingcat' => MetabaseFetchResult($gDatabase, $result2, 0, 1), 'person' => MetabaseFetchResult($gDatabase, $result2, 0, 2), 'children1' => MetabaseFetchResult($gDatabase, $result2, 0, 3), 'children2' => MetabaseFetchResult($gDatabase, $result2, 0, 4), 'children3' => MetabaseFetchResult($gDatabase, $result2, 0, 5), 'firstname' => MetabaseFetchResult($gDatabase, $result2, 0, 7), 'lastname' => MetabaseFetchResult($gDatabase, $result2, 0, 8), 'addinfo' => MetabaseFetchResult($gDatabase, $result2, 0, 9), 'enddate2' => MetabaseFetchResult($gDatabase, $result2, 0, 10), 'children0' => MetabaseFetchResult($gDatabase, $result2, 0, 11)); } else { $bookings[$row] = array('enddate' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'room' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'color' => $color, 'startdate' => "", 'bookingcat' => "", 'person' => "", 'children1' => "", 'children2' => "", 'children3' => "", 'firstname' => "", 'lastname' => "", 'addinfo' => "", 'enddate2' => ""); } } } return $bookings; }
/** * Guestlist::getlist() * * This function returns a list of guests wich are checked in. * * @param date $start start date * @param date $end end date * @param int $bcat booking cat (-1 for all) * @return array guests * @access public * @since 2004-06-05 * @author Christian Ehret <*****@*****.**> */ function getlist($start, $end, $bcat) { global $gDatabase, $tbl_booking, $tbl_guest, $tbl_guest_address, $tbl_address, $tbl_room, $tbl_booking_detail, $tbl_bookingcat, $tbl_booking_detail_guest, $errorhandler; $guests = array(); $query = "SELECT b.pk_booking_id, b.fk_guest_id, g.firstname, g.lastname, \n\t\t DATE_FORMAT(b.start_date, '%d.%m.%Y'), \n\t\t\t\t \t\t DATE_FORMAT(b.end_date, '%d.%m.%Y'), \n\t\t\t\t \t\t bd.pk_booking_detail_id, r.room, bc.bookingcat,\n\t\t\t\t\t\t b.persons, b.children, b.children2, b.children3, b.booking_type, a.email, b.children0 " . sprintf("FROM {$tbl_booking} b, {$tbl_guest} g, {$tbl_booking_detail} bd\n\t\t\t\t \t\t LEFT JOIN {$tbl_room} r ON r.pk_room_id = bd.fk_room_id\n\t\t\t\t\t\t LEFT JOIN {$tbl_bookingcat} bc ON b.fk_bookingcat_id = bc.pk_bookingcat_id\n\t\t\t\t\t\t LEFT JOIN {$tbl_guest_address} ga ON ga.pk_fk_guest_id = g.pk_guest_id AND default_address = %s\n\t\t\t\t\t\t LEFT JOIN {$tbl_address} a ON ga.pk_fk_address_id = a.pk_address_id\t\t\t\t\t\t \n\t\t\t\t\t\t WHERE ((UNIX_TIMESTAMP(b.start_date) BETWEEN %s AND %s) \n\t\t\t\t\t\t OR (UNIX_TIMESTAMP(b.end_date) BETWEEN %s AND %s)\n\t\t\t\t\t\t OR (%s BETWEEN UNIX_TIMESTAMP(b.start_date) AND UNIX_TIMESTAMP(b.end_date))\n\t\t\t\t\t\t OR (%s BETWEEN UNIX_TIMESTAMP(b.start_date) AND UNIX_TIMESTAMP(b.end_date)))\n\t\t\t\t\t\t AND g.pk_guest_id = b.fk_guest_id \n\t\t\t\t\t\t AND b.pk_booking_id = bd.fk_booking_id \n\t\t\t\t\t\t AND ISNULL(b.deleted_date) ", MetabaseGetBooleanFieldValue($gDatabase, true), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end)); if ($bcat != -1) { $query .= "AND b.fk_bookingcat_id = {$bcat} "; } $query .= "ORDER BY r.room "; $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Checkout::get()', $query); } else { $row = 0; $person = 0; $children0 = 0; $children1 = 0; $children2 = 0; $children3 = 0; for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) { $color = 0; if ($row % 2 != 0) { $color = 1; } if (MetabaseFetchResult($gDatabase, $result, $row, 13) == 'R') { $bookingtype = 'Reservierung'; } elseif (MetabaseFetchResult($gDatabase, $result, $row, 13) == 'B') { $bookingtype = 'Buchung'; } else { $bookingtype = 'Abgerechnet'; } $guests[$row] = array('bookingid' => MetabaseFetchResult($gDatabase, $result, $row, 0), 'guestid' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'firstname' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'lastname' => MetabaseFetchResult($gDatabase, $result, $row, 3), 'startdate' => MetabaseFetchResult($gDatabase, $result, $row, 4), 'enddate' => MetabaseFetchResult($gDatabase, $result, $row, 5), 'bookingdetailid' => MetabaseFetchResult($gDatabase, $result, $row, 6), 'room' => MetabaseFetchResult($gDatabase, $result, $row, 7), 'bookingcat' => MetabaseFetchResult($gDatabase, $result, $row, 8), 'person' => MetabaseFetchResult($gDatabase, $result, $row, 9), 'children1' => MetabaseFetchResult($gDatabase, $result, $row, 10), 'children2' => MetabaseFetchResult($gDatabase, $result, $row, 11), 'children3' => MetabaseFetchResult($gDatabase, $result, $row, 12), 'children0' => MetabaseFetchResult($gDatabase, $result, $row, 15), 'email' => MetabaseFetchResult($gDatabase, $result, $row, 14), 'bookingtype' => $bookingtype, 'color' => $color); $person += MetabaseFetchResult($gDatabase, $result, $row, 9); $children0 += MetabaseFetchResult($gDatabase, $result, $row, 15); $children1 += MetabaseFetchResult($gDatabase, $result, $row, 10); $children2 += MetabaseFetchResult($gDatabase, $result, $row, 11); $children3 += MetabaseFetchResult($gDatabase, $result, $row, 12); } $color = 0; if ($row % 2 != 0) { $color = 1; } $guests[$row] = array('bookingid' => '', 'guestid' => '', 'firstname' => '', 'lastname' => '', 'startdate' => '', 'enddate' => '', 'bookingdetailid' => '', 'room' => '', 'bookingcat' => '', 'person' => $person, 'children1' => $children1, 'children2' => $children2, 'children3' => $children3, 'children0' => $children0, 'bookingtype' => 'Summe: ', 'color' => $color); } return $guests; }
/** * price::save() * * save prices for a season * * @access public * @since 2004-01-01 * @author Christian Ehret <*****@*****.**> */ function save() { global $gDatabase, $request, $tbl_price, $tbl_price2, $errorhandler, $rcat, $bcat; // turn on Transaction Control $auto_commit = false; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); $seasonids = array(); $seasonids = $request->getVar('frm_seasonid', 'post'); $bcats = $bcat->Get(); $rcats = $rcat->get('N'); $rcats2 = $rcat->get('A'); for ($i = 0; $i < count($seasonids); $i++) { // delete all old entries for the season for price normal $query = sprintf("DELETE FROM {$tbl_price} WHERE fk_season_id = %s", $seasonids[$i]); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Price::save()', $query); } // delete all old entries for the season for price advanced $query = sprintf("DELETE FROM {$tbl_price2} WHERE fk_season_id = %s", $seasonids[$i]); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Price::save()', $query); } // insert new values for ($j = 0; $j < count($bcats); $j++) { for ($k = 0; $k < count($rcats); $k++) { $frmperson = "frm_price_adult_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmperson_short = "frm_price_adult_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmchildren = "frm_price_child_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmchildren_short = "frm_price_child_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmchildren2 = "frm_price_child2_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmchildren2_short = "frm_price_child2_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmchildren3 = "frm_price_child3_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmchildren3_short = "frm_price_child3_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmabsolute = "frm_price_pausch_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmabsolute_short = "frm_price_pausch_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $frmtype = "frm_type_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats[$k][catid]; $priceperson = 0.0; $pricepersonshort = 0.0; $pricechildren = 0.0; $pricechildrenshort = 0.0; $pricechildren2 = 0.0; $pricechildren2short = 0.0; $pricechildren3 = 0.0; $pricechildren3short = 0.0; if ($request->GetVar($frmperson, 'post') !== "") { $priceperson = $request->GetVar($frmperson, 'post'); } if ($request->GetVar($frmperson_short, 'post') !== "") { $pricepersonshort = $request->GetVar($frmperson_short, 'post'); } if ($request->GetVar($frmchildren, 'post') !== "") { $pricechildren = $request->GetVar($frmchildren, 'post'); } if ($request->GetVar($frmchildren_short, 'post') !== "") { $pricechildrenshort = $request->GetVar($frmchildren_short, 'post'); } if ($request->GetVar($frmchildren2, 'post') !== "") { $pricechildren2 = $request->GetVar($frmchildren2, 'post'); } if ($request->GetVar($frmchildren2_short, 'post') !== "") { $pricechildren2short = $request->GetVar($frmchildren2_short, 'post'); } if ($request->GetVar($frmchildren3, 'post') !== "") { $pricechildren3 = $request->GetVar($frmchildren3, 'post'); } if ($request->GetVar($frmchildren3_short, 'post') !== "") { $pricechildren3short = $request->GetVar($frmchildren3_short, 'post'); } $name = "zvs_pk_price_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$priceid); $query = sprintf("INSERT INTO {$tbl_price}\n\t\t\t\t\t\t\t\t (pk_price_id, fk_roomcat_id, fk_bookingcat_id,\n\t\t\t\t\t\t\t\t fk_season_id, price_person, price_children, \n\t\t\t\t\t\t\t\t price_type, inserted_date, fk_inserted_user_id, \n\t\t\t\t\t\t\t\t price_person_short, price_children_short,\n\t\t\t\t\t\t\t\t price_children2, price_children2_short, price_children3, price_children3_short) \n\t\t\t\t\t\t\t\t VALUES\n\t\t\t\t\t\t\t\t (%s, %s, %s, %s, %s, %s, %s, NOW(), %s, %s, %s, %s, %s, %s, %s) ", $priceid, $rcats[$k][catid], $bcats[$j][bcatid], $seasonids[$i], $priceperson, $pricechildren, MetabaseGetTextFieldValue($gDatabase, 'PP'), $request->GetVar('uid', 'session'), $pricepersonshort, $pricechildrenshort, $pricechildren2, $pricechildren2short, $pricechildren3, $pricechildren3short); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Price::save()', $query); } } for ($k = 0; $k < count($rcats2); $k++) { $frmprice = "frm_price_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid]; $frmprice_short = "frm_price_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid]; $frmperson = "frm_person_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid]; $frmadditional = "frm_additional_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid]; $frmadditional_short = "frm_additional_short_" . $seasonids[$i] . "_" . $bcats[$j][bcatid] . "_" . $rcats2[$k][catid]; $price = 0.0; $priceshort = 0.0; $additional = 0.0; $additionalshort = 0.0; if ($request->GetVar($frmprice, 'post') !== "") { $price = $request->GetVar($frmprice, 'post'); } if ($request->GetVar($frmprice_short, 'post') !== "") { $priceshort = $request->GetVar($frmprice_short, 'post'); } if ($request->GetVar($frmadditional, 'post') !== "") { $additional = $request->GetVar($frmadditional, 'post'); } if ($request->GetVar($frmadditional_short, 'post') !== "") { $additionalshort = $request->GetVar($frmadditional_short, 'post'); } $name = "zvs_pk_price2_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$priceid); $query = sprintf("INSERT INTO {$tbl_price2}\n\t\t\t\t\t\t\t\t (pk_price2_id, fk_roomcat_id, fk_bookingcat_id,\n\t\t\t\t\t\t\t\t fk_season_id, price, price_short, \n\t\t\t\t\t\t\t\t persons_included, price_additional, price_short_additional,\n\t\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id) \n\t\t\t\t\t\t\t\t VALUES\n\t\t\t\t\t\t\t\t (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s) ", $priceid, $rcats2[$k][catid], $bcats[$j][bcatid], $seasonids[$i], $price, $priceshort, MetabaseGetTextFieldValue($gDatabase, $request->GetVar($frmperson, 'post')), $additional, $additionalshort, $request->GetVar('uid', 'session')); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Price::save()', $query); } } } } $success = MetabaseCommitTransaction($gDatabase); // end transaction $auto_commit = true; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); }
/** * Guest::importZVSGuest() * * Import ZVS User * * @access public * @since 2004-12-14 * @author Christian Ehret <*****@*****.**> */ function importZVSGuest() { global $gDatabase, $tbl_bookingcat, $tbl_barguest, $tbl_zvs_bookingcat, $tbl_zvs_guest, $tbl_zvs_booking, $tbl_zvs_booking_detail, $gZVSDatabase, $tbl_user, $errorhandler, $request; $guests = array(); $query = "SELECT pk_guest_id, firstname, lastname, fk_bookingcat_id " . sprintf("FROM {$tbl_zvs_booking}, {$tbl_zvs_guest}, {$tbl_zvs_booking_detail} \n\t\t\t\t\t\t WHERE checked_in = %s \n\t\t\t\t\t\t AND checked_out = %s\n\t\t\t\t\t\t AND pk_guest_id = fk_guest_id \n\t\t\t\t\t\t AND pk_booking_id = fk_booking_id \n\t\t\t\t\t\t AND ISNULL({$tbl_zvs_booking}.deleted_date) \n\t\t\t\t\t\t ORDER BY lastname", MetabaseGetBooleanFieldValue($gZVSDatabase, true), MetabaseGetBooleanFieldValue($gZVSDatabase, false)); $zvsresult = MetabaseQuery($gZVSDatabase, $query); if (!$zvsresult) { $errorhandler->display('SQL', 'Guest::importZVSGuest()', $query); } else { for ($row = 0; ($eor = MetabaseEndOfResult($gZVSDatabase, $zvsresult)) == 0; ++$row) { $query = "SELECT pk_bookingcat_id \n\t\t\t\t FROM {$tbl_bookingcat}\n\t\t\t\t\t\t WHERE fk_zvsbookingcat_id = " . MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 3); $catresult = MetabaseQuery($gDatabase, $query); if (!$catresult) { $errorhandler->display('SQL', 'Guest::importZVSGuest()', $query); } else { $query = "SELECT pk_barguest_id \n\t\t\t\t FROM {$tbl_barguest}\n\t\t\t\t\t\t WHERE fk_zvsguest_id = " . MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 0); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Guest::importZVSGuest()', $query); } if (MetabaseNumberOfRows($gDatabase, $result) == 1) { $query = sprintf("UPDATE {$tbl_barguest} \n\t\t\t\t\t\t\t\t\t\t SET firstname = %s, \n\t\t\t\t\t\t\t\t\t\t lastname = %s,\n\t\t\t\t\t\t\t\t\t\t fk_bookingcat_id = %s,\n\t\t\t\t\t\t\t\t\t\t deleted_date = NULL,\n\t\t\t\t\t\t\t\t\t\t fk_deleted_user_id = NULL\n\t\t\t\t\t\t\t\t\t\t WHERE pk_barguest_id = %s", MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 2)), MetabaseFetchResult($gDatabase, $catresult, 0, 0), MetabaseFetchResult($gDatabase, $result, 0, 0)); } else { $name = "zvs_pk_barguest_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$barguestid); $query = sprintf("INSERT INTO {$tbl_barguest}\n\t\t\t\t\t\t\t\t\t\t (pk_barguest_id, fk_zvsguest_id, fk_bookingcat_id, firstname, lastname, inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, NOW(), %s)", $barguestid, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 0), MetabaseFetchResult($gDatabase, $catresult, 0, 0), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gZVSDatabase, $zvsresult, $row, 2)), 1); } $result2 = MetabaseQuery($gDatabase, $query); if (!$result2) { $errorhandler->display('SQL', 'Guest::importZVSGuest()', $query); } } } } }
/** * auth::auth_validatelogin() * * validate login * * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> * @return number user id */ function auth_validatelogin() { global $gDatabase2, $tbl_employee, $tbl_hotel, $uid, $firstname, $request, $sess, $smarty, $errorhandler; $auth_challenge = session_id(); $auth_username = $request->GetVar('username', 'post'); $auth_password = $request->GetVar('password', 'post'); $auth_response = $request->GetVar('response', 'post'); $this->auth["uname"] = $auth_username; ## This provides access for "loginform.ihtml" $query = sprintf("SELECT e.pk_employee_id, e.password, e.firstname, e.lastname, \n\t\t e.login, e.fk_hotel_id, h.database_schema, h.hotel_code \n\t\t\t\t\t\t FROM {$tbl_employee} e, {$tbl_hotel} h \n\t\t\t\t\t\t WHERE e.login = %s \n\t\t\t\t\t\t AND e.locked = %s \n\t\t\t\t\t\t AND ISNULL(deleted_date)\n\t\t\t\t\t\t AND e.fk_hotel_id = h.pk_hotel_id ", MetabaseGetTextFieldValue($gDatabase2, addslashes($auth_username)), MetabaseGetBooleanFieldValue($gDatabase2, false)); $result = MetabaseQuery($gDatabase2, $query); if (!$result) { $errorhandler->display('SQL', 'auth::auth_validatelogin()', $query); } else { if (MetabaseNumberOfRows($gDatabase2, $result) != 0) { if ($result) { $uid = MetabaseFetchResult($gDatabase2, $result, 0, 0); $pass = MetabaseFetchResult($gDatabase2, $result, 0, 1); ## Password is stored as a md5 hash $firstname = MetabaseFetchResult($gDatabase2, $result, 0, 2); $lastname = MetabaseFetchResult($gDatabase2, $result, 0, 3); $login = MetabaseFetchResult($gDatabase2, $result, 0, 4); $hotelid = MetabaseFetchResult($gDatabase2, $result, 0, 5); $schema = MetabaseFetchResult($gDatabase2, $result, 0, 6); $hotel_code = MetabaseFetchResult($gDatabase2, $result, 0, 7); } } } $exspected_response = md5("{$auth_username}:{$pass}:{$auth_challenge}"); // # True when JS is disabled if ($auth_response == "") { if (md5($auth_password) != $pass) { // # md5 hash for non-JavaScript browsers return false; } else { $sess->SetVar("firstname", $firstname); $sess->SetVar("lastname", $lastname); $sess->SetVar("login", $login); $sess->SetVar("uid", $uid); $sess->SetVar("authenticated", 'valid'); $sess->SetVar("hotelid", $hotelid); $sess->SetVar("schema", $schema); $sess->SetVar("hotel_code", $hotel_code); return $uid; } } // # Response is set, JS is enabled if ($exspected_response != $auth_response) { return false; } else { $sess->SetVar('firstname', $firstname); $sess->SetVar('lastname', $lastname); $sess->SetVar('login', $login); $sess->SetVar('uid', $uid); $sess->SetVar('authenticated', 'valid'); $sess->SetVar("hotelid", $hotelid); $sess->SetVar("schema", $schema); $sess->SetVar("hotel_code", $hotel_code); return $uid; } }
/** * Barguestcat::saveupdate() * * Save Barguestcategory as new or update existing one * * @access public * @since 2006-02-17 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase, $request, $tbl_barguestcat, $errorhandler; $barguestcatid = $request->GetVar('frm_barguestcatid', 'post'); // update if ($barguestcatid !== '0') { $query = sprintf("UPDATE {$tbl_barguestcat} SET \n\t\t\t barguestcat = %s, \n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_barguestcat_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_barguestcat', 'post')), $request->GetVar('uid', 'session'), $barguestcatid); } else { // new $name = "zvs_pk_barguestcat_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$barguestcatid); $query = sprintf("INSERT INTO {$tbl_barguestcat}\n\t\t\t (pk_barguestcat_id, barguestcat, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, NOW(), %s, NOW(), %s )", $barguestcatid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_barguestcat', 'post')), $request->GetVar('uid', 'session'), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Barguestcat::saveupdate()', $query); } }
/** * Guest::shareaddress() * * share address * * @param string $shareid address id and type of source * @param number $guestid address id * @param string $type type of aim * @access public * @since 2005-08-20 * @author Christian Ehret <*****@*****.**> */ function shareaddress($shareid, $guestid, $type) { global $gDatabase, $tbl_guest_address, $tbl_address, $errorhandler; $sharetype = substr($shareid, 0, 1); $shareid = substr($shareid, 2); $type = ucfirst(substr($type, 0, 1)); $auto_commit = false; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); $query = sprintf("SELECT pk_fk_address_id FROM {$tbl_guest_address}\n\t\t WHERE pk_fk_guest_id = %s\n\t\t\t\t\t\t AND address_type = %s ", $guestid, MetabaseGetTextFieldValue($gDatabase, $type)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Guest::shareaddress()', $query); } $oldaddressid = MetabaseFetchResult($gDatabase, $result, 0, 0); $query = sprintf("SELECT pk_fk_address_id FROM {$tbl_guest_address}\n\t\t WHERE pk_fk_guest_id = %s\n\t\t\t\t\t\t AND address_type = %s ", $shareid, MetabaseGetTextFieldValue($gDatabase, $sharetype)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Guest::shareaddress()', $query); } $newaddressid = MetabaseFetchResult($gDatabase, $result, 0, 0); if ($oldaddressid) { $query = sprintf("UPDATE {$tbl_guest_address} ga \n\t\t SET pk_fk_address_id = %s \n\t\t\t\t\t\t WHERE pk_fk_guest_id = %s \n\t\t\t\t\t\t AND address_type = %s", $newaddressid, $guestid, MetabaseGetTextFieldValue($gDatabase, $type)); } else { $query = sprintf("INSERT INTO {$tbl_guest_address} \n\t\t\t\t\t\t (pk_fk_guest_id, pk_fk_address_id, address_type) \n\t\t\t\t\t\t VALUES (%s, %s, %s)", $guestid, $newaddressid, MetabaseGetTextFieldValue($gDatabase, $type)); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Guest::shareaddress()', $query); } if ($oldaddressid) { // check if address is used more than this time $query = "SELECT count( * ) FROM {$tbl_guest_address} \n\t\t\t WHERE pk_fk_address_id = {$oldaddressid}"; $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Guest::shareaddress()', $query); } else { $count = MetabaseFetchResult($gDatabase, $result, 0, 0); } if ($count == 0) { $query = sprintf("DELETE FROM {$tbl_address} \n\t\t\t\t\t\t WHERE pk_address_id = %s", $oldaddressid, MetabaseGetTextFieldValue($gDatabase, $type)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Guest::shareaddress()', $query); } } } $success = MetabaseCommitTransaction($gDatabase); // end transaction $auto_commit = true; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); }
/** * Employee::saveupdate() * * Save employee as new or update existing one * * @access public * @since 2004-10-03 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase2, $request, $tbl_employee, $errorhandler; $userid = $request->GetVar('frm_userid', 'post'); $salery = $request->GetVar('frm_salary', 'post'); if (!is_numeric($salery)) { $salery = '0.00'; } // update if ($userid !== '0') { if ($request->GetVar('response', 'post') == 'd41d8cd98f00b204e9800998ecf8427e') { $query = sprintf("UPDATE {$tbl_employee} SET \n\t\t\t\t\t\t\t fk_hotel_id = %s,\n\t\t\t lastname = %s, \n\t\t\t\t\t\t\t firstname = %s,\n\t\t\t\t\t\t\t login = %s,\n\t\t\t\t\t\t\t locked = %s,\n\t\t\t\t\t\t\t salary = %s,\n\t\t\t\t\t\t\t fk_language_id = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_employee_id = %s ", $request->GetVar('hotelid', 'session'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), $salery, 1, $request->GetVar('uid', 'session'), $userid); } else { $query = sprintf("UPDATE {$tbl_employee} SET \n\t\t\t\t\t\t\t fk_hotel_id = %s,\n\t\t\t lastname = %s, \n\t\t\t\t\t\t\t firstname = %s,\n\t\t\t\t\t\t\t login = %s,\n\t\t\t\t\t\t\t password = %s,\n\t\t\t\t\t\t\t locked = %s,\n\t\t\t\t\t\t\t salary = %s,\n\t\t\t\t\t\t\t fk_language_id = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_employee_id = %s ", $request->GetVar('hotelid', 'session'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), $salery, 1, $request->GetVar('uid', 'session'), $userid); } } else { // new $name = "zvs_pk_employee_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase2, $name, &$employee_id); $query = sprintf("INSERT INTO {$tbl_employee}\n\t\t\t (pk_employee_id, fk_hotel_id, lastname, firstname, login, password, locked, salary, fk_language_id, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s, NOW(), %s )", $employee_id, $request->GetVar('hotelid', 'session'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), $salery, 1, $request->GetVar('uid', 'session'), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase2, $query); if (!$result) { $errorhandler->display('SQL', 'Employee::saveupdate()', $query); } }
/** * room::saveupdate() * * save a new room or update an existing one * * @return number room id * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase, $request, $tbl_room, $errorhandler; $roomid = $request->GetVar('frm_roomid', 'post'); // update if ($roomid !== '0') { $query = sprintf("UPDATE {$tbl_room} SET " . "room = %s, " . "capacity = %s, " . "description = %s, " . "fk_roomcat_id = %s, " . "updated_date = NOW(), " . "fk_updated_user_id = %s " . "WHERE pk_room_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_persons', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_info', 'post')), $request->GetVar('frm_roomcat', 'post'), $request->GetVar('uid', 'session'), $roomid); } else { // new $name = "zvs_pk_room_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$roomid); $query = sprintf("INSERT INTO {$tbl_room}" . "(pk_room_id, room, capacity, description, " . "fk_roomcat_id, inserted_date, fk_inserted_user_id )" . "VALUES (%s, %s, %s, %s, %s, NOW(), %s )", $roomid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_persons', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_info', 'post')), $request->GetVar('frm_roomcat', 'post'), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'room::saveupdate()', $query); } else { return $roomid; } }
/** * DefaultData::´setfield() * * This function updates a given field and updates the session value * * @param number $id id of field * @param string $value value * @access public * @since 2003-08-01 * @author Christian Ehret <*****@*****.**> */ function setfield($id, $value) { global $tbl_default, $tbl_hotel_default, $gDatabase, $request, $sess, $errorhandler; $query = sprintf("SELECT fieldtype, default_name " . "FROM {$tbl_default} " . "WHERE pk_default_id = %s ", $id); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'defaultdata::setfield()', $query); } else { $fieldname = MetabaseFetchResult($gDatabase, $result, 0, 1); if (MetabaseFetchResult($gDatabase, $result, 0, 0) == "int") { $field = "integer_value"; $inputvalue = MetabaseGetTextFieldValue($gDatabase, $value); } else { if (MetabaseFetchResult($gDatabase, $result, 0, 0) == "boolean") { $field = "boolean_value"; $inputvalue = MetabaseBooleanFieldValue($gDatabase, $value); } else { if (MetabaseFetchResult($gDatabase, $result, 0, 0) == "date") { $field = "datetime_value"; $inputvalue = MetabaseGetTextFieldValue($gDatabase, $value); } else { $field = "string_value"; $inputvalue = MetabaseGetTextFieldValue($gDatabase, $value); } } } $query = sprintf("SELECT updated_date " . "FROM {$tbl_hotel_default} " . "WHERE pk_fk_hotel_id = %s " . "AND pk_fk_default_id = %s ", $request->GetVar('hotelid', 'session'), $id); $result = MetabaseQuery($gDatabase, $query); $rows = MetabaseNumberOfRows($gDatabase, $result); if ($rows == 0) { $query = sprintf("INSERT INTO {$tbl_hotel_default} " . "(pk_fk_hotel_id, pk_fk_default_id, {$field}, " . "fk_inserted_user_id, inserted_date) " . "VALUES (%s, %s, %s, %s, NOW()) ", $request->GetVar('hotelid', 'session'), $id, $inputvalue, $request->GetVar('uid', 'session')); } else { $query = sprintf("UPDATE {$tbl_hotel_default} " . "SET {$field} = %s, " . "fk_updated_user_id = %s, " . "updated_date = NOW(), " . "WHERE pk_fk_hotel_id = %s " . "AND pk_fk_default_id = %s ", $inputvalue, $request->GetVar('uid', 'session'), $request->GetVar('hotelid', 'session'), $id); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'defaultdata::setfield()', $query); } else { $sess->SetVar($fieldname, $value); } } }
/** * Timetracker::saveupdate() * * save a new timespan or update an existing one * * @return number timetracker id * @access public * @since 2004-10-13 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase, $request, $tbl_timetracker, $errorhandler; $timetrackerid = $request->GetVar('frm_timetrackerid', 'post'); $start = $request->GetVar('frm_thestart', 'post'); $start = explode(".", $start); $start = $start[2] . "-" . $start[1] . "-" . $start[0] . " " . $request->GetVar('frm_starttime', 'post'); $end = $request->GetVar('frm_theend', 'post'); $end = explode(".", $end); $end = $end[2] . "-" . $end[1] . "-" . $end[0] . " " . $request->GetVar('frm_endtime', 'post'); // update if ($timetrackerid !== '0') { $query = sprintf("UPDATE {$tbl_timetracker} SET \n\t\t\t\t\t\t\t start_date = %s, \n\t\t\t\t\t\t\t end_date = %s,\n\t\t\t\t\t\t\t updated_date = NOW(),\n\t\t\t\t\t\t\t fk_updated_user_id = %s\n\t\t\t\t\t\t\t WHERE pk_timetracker_id = %s ", MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), $request->GetVar('frm_employee', 'post'), $timetrackerid); } else { // new $name = "zvs_pk_timetracker_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$timetrackerid); $query = sprintf("INSERT INTO {$tbl_timetracker}\n\t\t\t\t\t\t\t (pk_timetracker_id, fk_employee_id, start_date, end_date, inserted_date, fk_inserted_user_id )\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, NOW(), %s )", $timetrackerid, $request->GetVar('frm_employee', 'post'), MetabaseGetTextFieldValue($gDatabase, $start), MetabaseGetTextFieldValue($gDatabase, $end), $request->GetVar('frm_employee', 'post')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Timetracker::saveupdate()', $query); } else { return $timetrackerid; } }
} else { if ($request->GetVar('frm_step', 'post') == "savedays") { $start = $request->GetVar('frm_start', 'post'); $starttmp = date("Y-m-d", $start); $days = $request->GetVar('frm_days', 'post'); $end = strtotime("{$starttmp} + {$days} days"); // transaction control $auto_commit = false; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); $query = sprintf("UPDATE {$tbl_booking} SET end_date = %s, updated_date = NOW(), fk_updated_user_id = %s WHERE pk_booking_id = %s ", MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $end)), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('uid', 'session')), MetabaseGetTextFieldValue($gDatabase, $bookid)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'editbook.php', $query); } else { $query = sprintf("UPDATE {$tbl_booking_detail} SET end_date = %s, updated_date = NOW(), fk_updated_user_id = %s WHERE pk_booking_detail_id = %s ", MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $end)), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('uid', 'session')), MetabaseGetTextFieldValue($gDatabase, $bookingdetailid)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'editbook.php', $query); } else { $success = MetabaseCommitTransaction($gDatabase); // end transaction $auto_commit = true; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); } } } else { $smarty->assign('tpl_step', '0'); $smarty->assign('tpl_emailconfirmation', $booking->emailConfirmation($bookid)); $firstpage = true;
/** * price::savedraft() * * save draft receipt * * @return $draftreceiptid draft receipt id * @access public * @since 2004-04-18 * @author Christian Ehret <*****@*****.**> */ function savedraft() { global $gDatabase, $tbl_draftreceipt, $tbl_draftreceipt_booking, $tbl_draftreceipt_item, $tbl_account, $errorhandler, $request; $auto_commit = false; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); $receipt = array(); $doneitems = array(); $commissionids = array(); $commissionids = $request->GetVar('frm_commissionid', 'post'); $receipt = $this->recalculate($request->GetVar('frm_bookid', 'post'), $request->GetVar('length_short_stay', 'session'), $request->GetVar('frm_guestid', 'post')); $receiptdate = explode(".", $receipt[data][receipt_date]); $strreceiptdate = $receiptdate[2] . "-" . $receiptdate[1] . "-" . $receiptdate[0]; if ($request->GetVar('frm_bookids', 'post') !== $request->undefined) { $bookids = $request->GetVar('frm_bookids', 'post'); } else { $bookids = array($request->GetVar('frm_bookid', 'post')); } for ($i = 0; $i < count($receipt[data][start_date]); $i++) { $start = explode(".", $receipt[data][start_date][$i]); $strstart[$i] = $start[2] . "-" . $start[1] . "-" . $start[0]; $end = explode(".", $receipt[data][end_date][$i]); $strend[$i] = $end[2] . "-" . $end[1] . "-" . $end[0]; } if ($receipt[data][draftreceiptid] != -1 && $receipt[data][draftreceiptid] != "") { $draftreceiptid = $receipt[data][draftreceiptid]; $query = sprintf("UPDATE {$tbl_draftreceipt} SET\n\t\t\t\t\t\t\t fk_guest_id = %s,\n\t\t\t\t\t\t\t address = %s,\n\t\t\t\t\t\t \t receipt_date = %s, \n\t\t\t\t\t\t\t sum_netto = %s, \n\t\t\t\t\t\t\t sum_brutto = %s, \n\t\t\t\t\t\t \t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s\n\t\t\t\t\t\t\t WHERE pk_draftreceipt_id = %s", $receipt[data][guestid], MetabaseGetTextFieldValue($gDatabase, $receipt[data][address]), MetabaseGetTextFieldValue($gDatabase, $strreceiptdate), $receipt[data][price_netto_total], $receipt[data][price_total], $request->GetVar('uid', 'session'), $draftreceiptid); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } else { for ($i = 0; $i < count($bookids); $i++) { $query = sprintf("UPDATE {$tbl_draftreceipt_booking}\n\t\t\t\t\t\t\t\t SET start_date = %s, end_date = %s\n\t\t\t\t\t\t\t\t WHERE pk_fk_draftreceipt_id = %s AND pk_fk_booking_id = %s", MetabaseGetTextFieldValue($gDatabase, $strstart[$i]), MetabaseGetTextFieldValue($gDatabase, $strend[$i]), $draftreceiptid, $bookids[$i]); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } } // get all items which are in the system $query = "SELECT pk_draftreceipt_item_id FROM {$tbl_draftreceipt_item} WHERE fk_draftreceipt_id = " . $receipt[data][draftreceiptid]; $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } else { $olditems = array(); for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) { $olditems[$row] = MetabaseFetchResult($gDatabase, $result, $row, 0); } for ($i = 0; $i < count($receipt[items]); ++$i) { // is a new one if ($receipt[items][$i][itemid] == -1 || !in_array($receipt[items][$i][itemid], $olditems)) { $name = "zvs_pk_draftreceipt_item_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$draftreceiptitemid); $query = sprintf("INSERT INTO {$tbl_draftreceipt_item}\n\t\t\t\t\t\t\t (pk_draftreceipt_item_id, fk_draftreceipt_id, article, amount,\n\t\t\t\t\t\t\t price_netto, price_brutto, mwst, \n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, NOW(), %s )", $draftreceiptitemid, $draftreceiptid, MetabaseGetTextFieldValue($gDatabase, $receipt[items][$i][article]), $receipt[items][$i][number], $receipt[items][$i][netto_single], $receipt[items][$i][brutto_single], $receipt[items][$i][mwst], $request->GetVar('uid', 'session')); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } } else { array_push($doneitems, $receipt[items][$i][itemid]); $query = sprintf("UPDATE {$tbl_draftreceipt_item} SET\n\t\t\t\t\t\t\t\t\t article = %s, \n\t\t\t\t\t\t\t\t\t amount = %s,\n\t\t\t\t\t\t\t \t\t price_netto = %s, \n\t\t\t\t\t\t\t\t\t price_brutto = %s, \n\t\t\t\t\t\t\t\t\t mwst = %s, \n\t\t\t\t\t\t\t \t\t updated_date = NOW(), \n\t\t\t\t\t\t\t\t\t fk_updated_user_id = %s\n\t\t\t\t\t\t\t\t\t WHERE pk_draftreceipt_item_id = %s", MetabaseGetTextFieldValue($gDatabase, $receipt[items][$i][article]), $receipt[items][$i][number], $receipt[items][$i][netto_single], $receipt[items][$i][brutto_single], $receipt[items][$i][mwst], $request->GetVar('uid', 'session'), $receipt[items][$i][itemid]); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } } } // set deleted items delted $deleteitems = array_values(array_diff($olditems, $doneitems)); for ($i = 0; $i < count($deleteitems); $i++) { $query = sprintf("UPDATE {$tbl_draftreceipt_item} SET\n\t\t\t\t\t\t\t\t\t\tdeleted_date = NOW(),\n\t\t\t\t\t\t\t\t\t\tfk_deleted_user_id = %s\n\t\t\t\t\t\t\t\t\t\tWHERE pk_draftreceipt_item_id = %s ", $request->GetVar('uid', 'session'), $deleteitems[$i]); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } } } } } else { $name = "zvs_pk_draftreceipt_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$draftreceiptid); $query = sprintf("INSERT INTO {$tbl_draftreceipt}\n\t\t\t\t\t\t (pk_draftreceipt_id, fk_guest_id, address,\n\t\t\t\t\t\t receipt_date, sum_netto, sum_brutto, \n\t\t\t\t\t\t inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, NOW(), %s )", $draftreceiptid, $receipt[data][guestid], MetabaseGetTextFieldValue($gDatabase, $receipt[data][address]), MetabaseGetTextFieldValue($gDatabase, $strreceiptdate), $receipt[data][price_netto_total], $receipt[data][price_total], $request->GetVar('uid', 'session')); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } else { for ($i = 0; $i < count($bookids); $i++) { $query = sprintf("INSERT INTO {$tbl_draftreceipt_booking}\n\t\t\t\t\t\t\t\t (pk_fk_draftreceipt_id, pk_fk_booking_id, start_date, end_date)\n\t\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s)", $draftreceiptid, $bookids[$i], MetabaseGetTextFieldValue($gDatabase, $strstart[$i]), MetabaseGetTextFieldValue($gDatabase, $strend[$i])); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } } $sum = $receipt[data][price_total]; for ($k = 0; $k <= count($commissionids); ++$k) { if ($commissionids[$k] != "") { $query = sprintf("SELECT amount FROM {$tbl_account}\n\t\t\t\t\t\t\t\t\t WHERE pk_account_id = %s", $commissionids[$k]); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } elseif (MetabaseNumberOfRows($gDatabase, $result) > 0) { $sum += MetabaseFetchResult($gDatabase, $result, 0, 0) * -1; } } } for ($i = 0; $i < count($receipt[items]); ++$i) { $name = "zvs_pk_draftreceipt_item_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$draftreceiptitemid); $query = sprintf("INSERT INTO {$tbl_draftreceipt_item}\n\t\t\t\t\t\t\t (pk_draftreceipt_item_id, fk_draftreceipt_id, article, amount,\n\t\t\t\t\t\t\t price_netto, price_brutto, mwst, \n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, NOW(), %s )", $draftreceiptitemid, $draftreceiptid, MetabaseGetTextFieldValue($gDatabase, $receipt[items][$i][article]), $receipt[items][$i][number], $receipt[items][$i][netto_single], $receipt[items][$i][brutto_single], $receipt[items][$i][mwst], $request->GetVar('uid', 'session')); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Receipt::savedraft()', $query); } } } } $success = MetabaseCommitTransaction($gDatabase); // end transaction $auto_commit = true; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); return $draftreceiptid; }
/** * User::saveupdate() * * Save user as new or update existing one * * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase2, $request, $tbl_user, $errorhandler; $userid = $request->GetVar('frm_userid', 'post'); // update if ($userid !== '0') { $query = sprintf("UPDATE {$tbl_user} SET \n\t\t\t\t\t\t\t fk_hotel_id = %s,\n\t\t\t\t\t\t\t fk_group_id = %s,\n\t\t\t lastname = %s, \n\t\t\t\t\t\t\t firstname = %s,\n\t\t\t\t\t\t\t login = %s,\n\t\t\t\t\t\t\t password = %s,\n\t\t\t\t\t\t\t locked = %s,\n\t\t\t\t\t\t\t fk_language_id = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_user_id = %s ", $request->GetVar('hotelid', 'session'), $request->GetVar('frm_group', 'post'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), 1, $request->GetVar('uid', 'session'), $userid); } else { // new $name = "zvs_pk_user_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase2, $name, &$userid); $query = sprintf("INSERT INTO {$tbl_user}\n\t\t\t (pk_user_id, fk_hotel_id, fk_group_id, lastname, firstname, login, password, locked, fk_language_id, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s, NOW(), %s )", $userid, $request->GetVar('hotelid', 'session'), $request->GetVar('frm_group', 'post'), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_last', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_first', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('frm_login', 'post')), MetabaseGetTextFieldValue($gDatabase2, $request->GetVar('response', 'post')), MetabaseGetBooleanFieldValue($gDatabase2, false), 1, $request->GetVar('uid', 'session'), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase2, $query); if (!$result) { $errorhandler->display('SQL', 'User::saveupdate()', $query); } }
/** * RoomCategory::get() * * This function returns all categories of a price_type. * * @param char $price_type price type * @return array categories * @access public * @since 2004-03-20 * @author Christian Ehret <*****@*****.**> */ function get($price_type) { global $gDatabase, $tbl_roomcat, $errorhandler, $request; $cat = array(); $query = sprintf("SELECT pk_roomcat_id, roomcat, price_type \n\t\t\t\t FROM {$tbl_roomcat} \n\t\t\t\t WHERE ISNULL(fk_deleted_user_id) \n\t\t\t\t AND price_type = %s\n\t\t\t\t ORDER BY roomcat", MetabaseGetTextFieldValue($gDatabase, $price_type)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'RoomCategory::get()', $query); } else { $row = 0; for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) { $color = 0; $articles = ""; if ($row % 2 != 0) { $color = 1; } $cat[$row] = array('catid' => MetabaseFetchResult($gDatabase, $result, $row, 0), 'name' => MetabaseFetchResult($gDatabase, $result, $row, 1), 'price_type' => MetabaseFetchResult($gDatabase, $result, $row, 2), 'color' => $color); } } return $cat; }
/** * article::addroom() * * add the link to a roomcategory * * @param number $roomcatid room category id * @param number $articleid article id * @param enum $pricetype price type PP or PR * @param boolean $included price included in room or not * @access public * @since 2004-03-07 * @author Christian Ehret <*****@*****.**> */ function addroom($roomcatid, $articleid, $pricetype, $included) { global $gDatabase, $request, $tbl_roomcat_article, $errorhandler; $person = false; $children = false; if ($request->GetVar('frm_person', 'post') == 'true') { $person = true; } if ($request->GetVar('frm_children', 'post') == 'true') { $children = true; } if ($request->GetVar('frm_children2', 'post') == 'true') { $children2 = true; } if ($request->GetVar('frm_children3', 'post') == 'true') { $children3 = true; } $query = sprintf("SELECT pk_fk_article_id \n\t\t\t\t\t\t FROM {$tbl_roomcat_article}\n\t\t\t\t\t\t WHERE pk_fk_roomcat_id = %s \n\t\t\t\t AND pk_fk_article_id = %s", $roomcatid, $articleid); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Article::addroom()', $query); } elseif (MetabaseNumberOfRows($gDatabase, $result) == 0) { $query = sprintf("INSERT INTO {$tbl_roomcat_article}\n\t\t\t\t \t\t (pk_fk_roomcat_id, pk_fk_article_id, price_type,\n\t\t\t\t\t\t person, children, children2, children3, included)\n\t\t\t\t\t\t VALUES (%s,%s, %s, %s, %s, %s, %s, %s)", $roomcatid, $articleid, MetabaseGetTextFieldValue($gDatabase, $pricetype), MetabaseGetBooleanFieldValue($gDatabase, $person), MetabaseGetBooleanFieldValue($gDatabase, $children), MetabaseGetBooleanFieldValue($gDatabase, $children2), MetabaseGetBooleanFieldValue($gDatabase, $children3), MetabaseGetBooleanFieldValue($gDatabase, $included)); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Article::addroom()', $query); } } else { $query = sprintf("UPDATE {$tbl_roomcat_article} SET\n\t\t\t\t\t\t price_type = %s,\n\t\t\t\t\t\t person = %s, \n\t\t\t\t\t\t children = %s, \n\t\t\t\t\t\t children2 = %s, \n\t\t\t\t\t\t children3 = %s,\n\t\t\t\t\t\t included = %s\n\t\t\t\t\t\t WHERE pk_fk_roomcat_id = %s \n\t\t\t\t\t\t AND pk_fk_article_id = %s ", MetabaseGetTextFieldValue($gDatabase, $pricetype), MetabaseGetBooleanFieldValue($gDatabase, $person), MetabaseGetBooleanFieldValue($gDatabase, $children), MetabaseGetBooleanFieldValue($gDatabase, $children2), MetabaseGetBooleanFieldValue($gDatabase, $children3), MetabaseGetBooleanFieldValue($gDatabase, $included), $roomcatid, $articleid); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Article::addroom()', $query); } } }
/** * account::book() * * book * * @param integer $guestid guest id * @param integer $bookingid booking id * @param datetime $dateofpayment date of payment * @param text $description description * @param number $amount amount * @param integer $paycatid paycat id * @param integer $receiptid receipt it (-1 if no receipt) * @access public * @since 2004-03-10 * @author Christian Ehret <*****@*****.**> */ function book($guestid, $bookingid, $dateofpayment, $description, $amount, $paycatid, $receiptid, $on_receipt) { global $gDatabase, $tbl_account, $tbl_booking, $errorhandler, $request; $name = "zvs_pk_account_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$accountid); if (($on_receipt === true || $on_receipt == 'true') && $receiptid != -1) { $on_receipt = true; } else { $on_receipt = false; } list($day, $month, $year) = split('[.]', $dateofpayment); $dateofpayment = mktime(0, 0, 0, $month, $day, $year); if ($receiptid == -1) { $query = sprintf("INSERT INTO {$tbl_account}\n\t\t\t\t\t\t\t (pk_account_id, fk_guest_id, fk_booking_id, date_payment, description, amount,\n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id, fk_paycat_id, on_receipt)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, NOW(), %s, %s, %s )", $accountid, $guestid, $bookingid, MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $dateofpayment)), MetabaseGetTextFieldValue($gDatabase, $description), $amount, $request->GetVar('uid', 'session'), $paycatid, MetabaseGetBooleanFieldValue($gDatabase, $on_receipt)); } else { $query = sprintf("INSERT INTO {$tbl_account}\n\t\t\t\t\t\t\t (pk_account_id, fk_guest_id, fk_booking_id, date_payment, description, amount, \n\t\t\t\t\t\t\t fk_receipt_id, allocated,\n\t\t\t\t\t\t\t inserted_date, fk_inserted_user_id, fk_paycat_id, on_receipt)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, %s, %s, NOW(), %s, %s, %s )", $accountid, $guestid, $bookingid, MetabaseGetTextFieldValue($gDatabase, date("Y-m-d", $dateofpayment)), MetabaseGetTextFieldValue($gDatabase, $description), $amount, $receiptid, MetabaseGetBooleanFieldValue($gDatabase, true), $request->GetVar('uid', 'session'), $paycatid, MetabaseGetBooleanFieldValue($gDatabase, $on_receipt)); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Account::book()', $query); } else { $this->setStatus($receiptid, $bookingid); /* $receiptsum = $this->getReceiptSum($receiptid); $receiptsum = $receiptsum['sum']; $query = "SELECT booking_type FROM $tbl_booking WHERE pk_booking_id = $bookingid"; $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Account::book()', $query); } else { if (MetabaseFetchResult($gDatabase, $result, 0, 0) == 'R') { if ($receiptsum <= 0 && $receiptid != -1) { $type = 'P'; } else { $type = 'B'; } $query = sprintf("UPDATE $tbl_booking SET booking_type = %s WHERE pk_booking_id = %s", MetabaseGetTextFieldValue($gDatabase, $type), $bookingid ); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Account::book()', $query); } } elseif (MetabaseFetchResult($gDatabase, $result, 0, 0) == 'B') { if ($receiptsum <= 0 && $receiptid != -1) { $query = sprintf("UPDATE $tbl_booking SET booking_type = %s WHERE pk_booking_id = %s", MetabaseGetTextFieldValue($gDatabase, 'P'), $bookingid ); print $query; $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Account::book()', $query); } } } } */ } }
break; } } if ($success && $pass) { $passed++; echo "OK.{$eol}"; } } if (isset($tests["escapesequences"]) && $success) { $test = "escapesequences"; echo "Testing escaping text values with special characters... "; flush(); $pass = 1; $test_strings = array("'", "\"", "\\", "%", "_", "''", "\"\"", "\\\\", "\\'\\'", "\\\"\\\""); for ($string = 0; $string < count($test_strings); $string++) { $value = MetabaseGetTextFieldValue($database, $test_strings[$string]); if (!MetabaseQuery($database, "DELETE FROM users") || !MetabaseQuery($database, "INSERT INTO users (user_name,user_password,user_id) VALUES ({$value},{$value},0)") || !($result = MetabaseQuery($database, "SELECT user_name,user_password FROM users"))) { $success = 0; } else { if (MetabaseEndOfResult($database, $result)) { $pass = 0; echo "FAILED!{$eol}"; $failed++; echo "Test {$test}: the query result seems to have reached the end of result earlier than expected{$eol}"; } else { $field = "user_name"; if (strcmp($value = MetabaseFetchResult($database, $result, 0, $field), $test_strings[$string])) { $pass = 0; echo "FAILED!{$eol}"; $failed++; echo "Test {$test}: the value retrieved for field \"{$field}\" (\"{$value}\") doesn't match what was stored (" . $test_strings[$string] . "){$eol}";
echo "Testing autoincrement fields... "; flush(); $pass = 1; $table = "articles"; if (!MetabaseQuery($database, "DELETE FROM {$table}")) { $success = 0; } else { $title = "Some 'title'"; $body = "NULL"; $author = 1000; $score = 2.5E-5; $omit = MetabaseSupport($database, "OmitInsertKey"); if (($omit || MetabaseGetNextKey($database, $table, $key)) && MetabaseQuery($database, "INSERT INTO {$table} (" . ($omit ? "" : "id, ") . "title, body, author, score) VALUES(" . ($omit ? "" : $key . ", ") . MetabaseGetTextFieldValue($database, $title . " - 0") . ", NULL, " . $author . ", " . MetabaseGetFloatFieldValue($database, $score) . ")") && MetabaseGetInsertedKey($database, $table, $start_id)) { $rows = 3; for ($id = $start_id + 1; $id < $start_id + $rows; $id++) { if (($omit || MetabaseGetNextKey($database, $table, $key)) && MetabaseQuery($database, "INSERT INTO {$table} (" . ($omit ? "" : "id, ") . "title, body, author, score) VALUES(" . ($omit ? "" : $key . ", ") . MetabaseGetTextFieldValue($database, $title . " - " . strval($id - $start_id)) . ", NULL, " . ($author + $id - $start_id) . ", " . MetabaseGetFloatFieldValue($database, $score * pow(10, $id - $start_id)) . ")") && MetabaseGetInsertedKey($database, $table, $inserted_id)) { if ($inserted_id != $id) { $pass = 0; echo "FAILED!{$eol}"; $failed++; echo "Test {$test}: inserted autoincrement key is {$inserted_id} and not {$id} as expected{$eol}"; break; } } else { $success = 0; break; } } if ($success && $pass) { $types = array("integer", "text"); if (MetabaseQueryAll($database, "SELECT id, title, body, author, score FROM {$table} ORDER BY id", $records, $types)) {
/** * season::saveupdate() * * save or update a season * * @return number season id * @access public * @since 2003-12-31 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase, $request, $tbl_season, $errorhandler; $seasonid = $request->GetVar('frm_seasonid', 'post'); $startdate = explode(".", $request->GetVar('frm_start', 'post')); $strstartdate = $startdate[2] . "-" . $startdate[1] . "-" . $startdate[0]; $enddate = explode(".", $request->GetVar('frm_end', 'post')); $strenddate = $enddate[2] . "-" . $enddate[1] . "-" . $enddate[0]; // update if ($seasonid !== '0') { $query = sprintf("UPDATE {$tbl_season} SET \n\t\t\t name = %s, \n\t\t\t\t\t\t\t start_date = %s,\n\t\t\t\t\t\t\t end_date = %s, \n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_season_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $strstartdate), MetabaseGetTextFieldValue($gDatabase, $strenddate), $request->GetVar('uid', 'session'), $seasonid); } else { // new $name = "zvs_pk_season_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$seasonid); $query = sprintf("INSERT INTO {$tbl_season} \n\t\t\t (pk_season_id, name, start_date, end_date, inserted_date, fk_inserted_user_id )\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, NOW(), %s )", $seasonid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $strstartdate), MetabaseGetTextFieldValue($gDatabase, $strenddate), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Season::saveupdate()', $query); } else { return $seasonid; } }
/** * Category::saveupdate() * * Save category as new or update existing * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase, $request, $tbl_guestcat, $errorhandler; $catid = $request->GetVar('frm_catid', 'post'); // update if ($catid !== '0') { $query = sprintf("UPDATE {$tbl_guestcat} SET " . "guestcat = %s, " . "description = %s, " . "updated_date = NOW(), " . "fk_updated_user_id = %s " . "WHERE pk_guestcat_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_cat', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('uid', 'session'), $catid); } else { // new $name = "zvs_pk_guestcat_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$catid); $query = sprintf("INSERT INTO {$tbl_guestcat}" . "(pk_guestcat_id, guestcat, description, inserted_date, fk_inserted_user_id )" . "VALUES (%s, %s, %s, NOW(), %s)", $catid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_cat', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'GuestCategory::saveupdate()', $query); } }
/** * Article::saveupdatePeriod * * Save period as new or update existing one * * @access public * @since 2004-12-13 * @author Christian Ehret <*****@*****.**> */ function saveupdatePeriod() { global $gDatabase, $request, $tbl_period, $tbl_bararticle, $errorhandler; $periodid = $request->GetVar('frm_theperiodid', 'post'); $active = false; $auto_commit = false; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); if ($request->GetVar('frm_periodact', 'post') == 'true') { $active = true; $query = sprintf("UPDATE {$tbl_period} SET \n\t\t\t\t\t\t\t active = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s ", MetabaseGetBooleanFieldValue($gDatabase, false), $request->GetVar('uid', 'session')); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query); } } // update if ($periodid !== '-1') { $query = sprintf("UPDATE {$tbl_period} SET \n\t\t\t period = %s, \n\t\t\t\t\t\t\t active = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_period_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_perioddesc', 'post')), MetabaseGetBooleanFieldValue($gDatabase, $active), $request->GetVar('uid', 'session'), $periodid); } else { // new $name = "zvs_pk_period_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$periodid); $query = sprintf("INSERT INTO {$tbl_period}\n\t\t\t (pk_period_id, period, active, inserted_date, fk_inserted_user_id, updated_date, fk_updated_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, NOW(), %s, NULL, NULL )", $periodid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_perioddesc', 'post')), MetabaseGetBooleanFieldValue($gDatabase, $active), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query); } else { if ($request->GetVar('frm_cpyperiod', 'post') != -1) { $query = "SELECT fk_bararticlecat_id, description, price, hotkey\n\t\t\t\t\t FROM {$tbl_bararticle} \n\t\t\t\t\t WHERE ISNULL(deleted_date) AND\n\t\t\t\t\t fk_period_id = " . $request->GetVar('frm_cpyperiod', 'post'); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query); } for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) { $name = "zvs_pk_bararticle_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$bararticleid); $query = sprintf("INSERT INTO {$tbl_bararticle} \n\t\t\t\t\t (pk_bararticle_id, fk_period_id, fk_bararticlecat_id,\n\t\t\t\t\t\t\t description, price, hotkey, inserted_date, \n\t\t\t\t\t\t\t fk_inserted_user_id)\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, %s, NOW(), %s) ", $bararticleid, $periodid, MetabaseFetchResult($gDatabase, $result, $row, 0), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 2)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 3)), $request->GetVar('uid', 'session')); $result2 = MetabaseQuery($gDatabase, $query); if (!$result2) { $success = MetabaseRollbackTransaction($gDatabase); $errorhandler->display('SQL', 'Article::saveupdatePeriod()', $query); } } } $success = MetabaseCommitTransaction($gDatabase); // end transaction $auto_commit = true; $success = MetabaseAutoCommitTransactions($gDatabase, $auto_commit); } return $periodid; }
/** * Calendar::getExtensionTimes2() * * Get the dates the room is free before a date * * @param timestamp $date endday * @param number $roomid Roomid * @return array dates * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> */ function getExtensionTimes2($date, $roomid) { global $tbl_booking_detail, $gDatabase, $errorhandler; $query = sprintf("SELECT UNIX_TIMESTAMP(end_date), end_date \n\t\t FROM {$tbl_booking_detail} \n\t\t\t\t\t\t WHERE UNIX_TIMESTAMP(end_date) < %s \n\t\t\t\t\t\t AND fk_room_id = %s \n\t\t\t\t\t\t AND deleted_date IS NULL \n\t\t\t\t\t\t ORDER BY end_date DESC\n\t\t\t\t\t\t LIMIT 0,1 ", MetabaseGetTextFieldValue($gDatabase, $date), $roomid); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Calendar::$this->getExtensionTimes2()', $query); } else { $rows = MetabaseNumberOfRows($gDatabase, $result); if ($rows > 0) { $freenights = round(($date - MetabaseFetchResult($gDatabase, $result, 0, 0)) / 86400); $starttmp = date("Y-m-d", MetabaseFetchResult($gDatabase, $result, 0, 0)); } else { $freenights = 100; $starttmp = date("Y-m-d", mktime(8, 0, 0, date("m", $date), date("d", $date) - $freenights, date("Y", $date))); } $days = array(); $nights = $freenights; for ($i = 0; $i < $freenights && $i < 100; ++$i) { $j = $i; $days[$i]["count"] = $j; $days[$i]["date"] = date("D, d. m. Y", strtotime("{$starttmp} + {$j} days")); if ($nights > 1) { $days[$i]["date"] .= " ({$nights} Nächte)"; } else { $days[$i]["date"] .= " ({$nights} Nacht)"; } $days[$i]["thedate"] = strtotime("{$starttmp} + {$j} days"); $nights -= 1; } return $days; } }
/** * bcat::saveupdate() * * save or update a booking category * * @return number booking category id * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> */ function saveupdate() { global $gDatabase, $request, $tbl_bookingcat, $errorhandler; $bcatid = $request->GetVar('frm_bcatid', 'post'); // update if ($bcatid !== '0') { $query = sprintf("UPDATE {$tbl_bookingcat} SET \n\t\t\t\t\t\t\t bookingcat = %s, \n\t\t\t\t\t\t\t color = %s, \n\t\t\t\t\t\t\t description = %s, \n\t\t\t\t\t\t\t days = %s,\n\t\t\t\t\t\t\t updated_date = NOW(), \n\t\t\t\t\t\t\t fk_updated_user_id = %s \n\t\t\t\t\t\t\t WHERE pk_bookingcat_id = %s ", MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_color', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('frm_days', 'post'), $request->GetVar('uid', 'session'), $bcatid); } else { // new $name = "zvs_pk_bookingcat_id"; $sequence = MetabaseGetSequenceNextValue($gDatabase, $name, &$bcatid); $query = sprintf("INSERT INTO {$tbl_bookingcat}\n\t\t\t\t\t\t\t (pk_bookingcat_id, bookingcat, color, description, days, inserted_date, fk_inserted_user_id )\n\t\t\t\t\t\t\t VALUES (%s, %s, %s, %s, %s, NOW(), %s )", $bcatid, MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_name', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_color', 'post')), MetabaseGetTextFieldValue($gDatabase, $request->GetVar('frm_description', 'post')), $request->GetVar('frm_days', 'post'), $request->GetVar('uid', 'session')); } $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'BookingCategory::saveupdate()', $query); } else { return $bcatid; } }
/** * Booking::linkGuestAddress() * * link the addresses form one guest to another * * @param number $guestid id of source guest * @param number $guestid id of second guest * @access public * @since 2003-07-24 * @author Christian Ehret <*****@*****.**> */ function linkGuestAddress($guestid, $guestid2) { global $tbl_guest_address, $gDatabase, $errorhandler, $request; $query = sprintf("SELECT pk_fk_address_id, address_type, default_address\n\t\t\t\t\t\t FROM {$tbl_guest_address} \n\t\t WHERE pk_fk_guest_id = %s", $guestid); $result = MetabaseQuery($gDatabase, $query); if (!$result) { $errorhandler->display('SQL', 'Booking::linkGuestAddress()', $query); } else { for ($row = 0; ($eor = MetabaseEndOfResult($gDatabase, $result)) == 0; ++$row) { $query = sprintf("INSERT INTO {$tbl_guest_address} \n\t\t\t\t\t\t\t\t(pk_fk_guest_id, pk_fk_address_id, address_type, default_address)\n\t\t\t\t\t\t\t\tVALUES (%s, %s, %s, %s)", $guestid2, MetabaseFetchResult($gDatabase, $result, $row, 0), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 1)), MetabaseGetTextFieldValue($gDatabase, MetabaseFetchResult($gDatabase, $result, $row, 2))); $result2 = MetabaseQuery($gDatabase, $query); if (!$result2) { $errorhandler->display('SQL', 'Booking::linkGuestAddress()', $query); } } } }