From 0532f93bd9d7ee8ed7fa333b7b95735ea3268ede Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9CVeLiTi=E2=80=9D?= <“info@veliti.nl”> Date: Fri, 30 Aug 2024 15:01:07 +0200 Subject: [PATCH] CIM88 - Changelog en reporting --- api.php | 2 +- api/v1/get/changelog.php | 141 ++++++++++ api/v1/get/equipments.php | 30 +++ api/v1/post/debug.php | 19 ++ api/v2/authorization.php | 105 ++++++++ api/v2/get/changelog.php | 141 ++++++++++ api/v2/get/equipments.php | 304 ++++++++++++++++++++++ api/v2/get/user_credentials.php | 40 +++ api/v2/post/debug.php | 19 ++ assets/functions.php | 79 +++++- report_build.php | 153 +++++++++++ usage_reporting.php => report_usage.php | 5 +- settings/settingsmenu.php | 203 +++++++++++++++ settings/translations/translations_DE.php | 18 +- settings/translations/translations_NL.php | 18 +- settings/translations/translations_US.php | 18 +- 16 files changed, 1287 insertions(+), 8 deletions(-) create mode 100644 api/v1/get/changelog.php create mode 100644 api/v1/post/debug.php create mode 100644 api/v2/authorization.php create mode 100644 api/v2/get/changelog.php create mode 100644 api/v2/get/equipments.php create mode 100644 api/v2/get/user_credentials.php create mode 100644 api/v2/post/debug.php create mode 100644 report_build.php rename usage_reporting.php => report_usage.php (97%) create mode 100644 settings/settingsmenu.php diff --git a/api.php b/api.php index 4649b5c..400c42a 100644 --- a/api.php +++ b/api.php @@ -95,7 +95,7 @@ if($is_jwt_valid && str_contains($version, 'v')) { } else { - echo null; + http_response_code(403); //Forbidden } //------------------------------------------ diff --git a/api/v1/get/changelog.php b/api/v1/get/changelog.php new file mode 100644 index 0000000..72813a3 --- /dev/null +++ b/api/v1/get/changelog.php 
@@ -0,0 +1,141 @@ +prepare($sql); +//Bind to query +if (str_contains($whereclause, ':condition')){ + $stmt->bindValue('condition', $condition, PDO::PARAM_STR); +} +if (!empty($criterias)){ + foreach ($criterias as $key => $value){ + $key_condition = ':'.$key; + if (str_contains($whereclause, $key_condition)){ + if ($key == 'search'){ + $search_value = '%'.$value.'%'; + $stmt->bindValue($key, $search_value, PDO::PARAM_STR); + } + else { + $stmt->bindValue($key, $value, PDO::PARAM_STR); + } + } + //CHECK IF BETWEEN STATEMENT IS SENT + if (str_contains($whereclause, ':start') && str_contains($whereclause, ':end')){ + //DATES ARE DELIM WITH || + $dates = explode("||", $value); + $stmt->bindValue('start', $dates[0], PDO::PARAM_STR); + $stmt->bindValue('end', $dates[1], PDO::PARAM_STR); + } + } +} + +//------------------------------------------ +// Debuglog +//------------------------------------------ +if (debug){ + $message = $date.';'.$sql.';'.$username; + debuglog($message); +} + +//Add paging details +if(isset($criterias['totals']) && $criterias['totals']==''){ + $stmt->execute(); + $messages = $stmt->fetch(); + $messages = $messages[0]; +} +elseif ($criterias['reporttype']){ + //Excute Query + $stmt->execute(); + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} +else { + $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1; + $stmt->bindValue('page', ($current_page - 1) * $page_rows_changelog, PDO::PARAM_INT); + $stmt->bindValue('num_changelog', $page_rows_changelog, PDO::PARAM_INT); + + //Excute Query + $stmt->execute(); + + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} + +//------------------------------------------ +//JSON_DECODE +//------------------------------------------ +$messages = generate_payload($messages); +//Send results +echo $messages; + +?> \ No newline at end of file diff --git a/api/v1/get/equipments.php b/api/v1/get/equipments.php index ac4c5b8..50733f5 100644 
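Review bot: In the bind loop, the `:start`/`:end` block sits inside `foreach ($criterias as $key => $value)` but outside the per-key check, so it runs for every criterion and binds `start`/`end` from whichever `$value` comes last, with `$dates[1]` undefined when that value contains no `||`. It should run once, on the parameter that actually carries the date range, and reject input that does not split into two parts, e.g. `if (count($dates) !== 2) { http_response_code(400); exit; }`. `elseif ($criterias['reporttype'])` also reads a key that may not be set; `!empty($criterias['reporttype'])` avoids the notice. The same code is added in api/v2/get/changelog.php. The top of the file, where `$sql` and `$whereclause` are built, is not visible in this view.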
--- a/api/v1/get/equipments.php +++ b/api/v1/get/equipments.php @@ -91,12 +91,42 @@ if(isset($get_content) && $get_content!=''){ //build up accounthierarchy $clause .= ' AND e.accounthierarchy like :'.$v[0]; } + elseif ($v[0] == 'productcode') { + //build up accounthierarchy + $clause .= ' AND p.productcode = :'.$v[0]; + } elseif ($v[0] == 'firmware') { //Include systemfirwmare include './settings/systemfirmware.php'; //build up search $clause .= ' AND e.status != 5 AND e.sw_version not like "'.substr($FirmwarenameR06, 0, -4).'%"'; } + elseif ($v[0] == 'serialnumber') { + //build up serialnumber + //check if multiple serialnumbers are provided + if (str_contains($v[1], ',')){ + $inputs = explode(",",$v[1]); + $new_querystring = ''; //empty querystring + $x=0; + foreach($inputs as $input){ + //create key + $new_key = $v[0].'_'.$x; + //inject new key/value to array + $criterias[$new_key] = $input; + $new_querystring .= ':'.$new_key.','; + $x++; + } + //remove obsolete last character from new_querystring + $new_querystring = substr($new_querystring,0, -1); + //add new_querystring to clause + $clause .= ' AND e.serialnumber IN ('.$new_querystring.')'; + //remove original key/value from array + unset($criterias[$v[0]]); + } + else { + $clause .= ' AND e.serialnumber IN (:'.$v[0].')'; + } + } else {//create clause $clause .= ' AND '.$v[0].' = :'.$v[0]; } diff --git a/api/v1/post/debug.php b/api/v1/post/debug.php new file mode 100644 index 0000000..99978a4 --- /dev/null +++ b/api/v1/post/debug.php 
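Review bot: The closing `else` of this chain, `$clause .= ' AND '.$v[0].' = :'.$v[0];`, writes the parameter name itself into the SQL text as a column name, so any key not matched by an earlier branch reaches the query unparameterized. The same branch is added in api/v2/get/equipments.php, where `$v` is visibly split from the query string. Compare `$v[0]` with a fixed list of filterable columns first and return 400 otherwise, e.g. `if (!in_array($v[0], $allowed_filters, true)) { http_response_code(400); exit; }` (`$allowed_filters` is a placeholder name). In the new `serialnumber` branch, drop empty items from `explode(",", $v[1])` and cap their number, since each one becomes a bound placeholder. The chain begins above this hunk.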
@@ -0,0 +1,19 @@ +prepare('SELECT * FROM users WHERE username = ?'); +//Excute Query +$stmt->execute([$username]); + +//SETUP SQL FOR LOGIN_COUNT +$sql_login = 'UPDATE users SET login_count = ? WHERE id = ?'; + +// Check if username exists. Verify user exists then verify +if ($stmt->rowCount() == 1) { + $user_data = $stmt->fetch(); + $permission = userRights($user_data['view']); + $profile = getProfile($user_data['settings'],$permission); + $password = $user_credentials['password']; + + if ($user_data['login_count'] < 5){ + if (array_key_exists('resetkey', $user_credentials)){ + + if ($user_credentials['resetkey'] == ''){ + //Reset procedure + //STEP 1.A- Create resetkey + $headers = array('alg'=>'HS256','typ'=>'JWT'); + $payload = array('username'=>$user_data['username'], 'exp'=>(time() + 1800)); + $resetkey = generate_jwt($headers, $payload); + //STEP 1.B Store in DB + $sql = 'UPDATE users SET resetkey = ? WHERE id = ?'; + $stmt = $pdo->prepare($sql); + $stmt->execute([$resetkey,$user_data['id']]); + //STEP 2- Send to user + include_once './assets/mail/email_template_reset.php'; + send_mail($user_data['email'],$subject,$message,'',''); + //STEP 3- Update Login count + $login_attempt = $user_data['login_count'] + 1; + $stmt_login = $pdo->prepare($sql_login); + $stmt_login->execute([$login_attempt, $user_data['id']]); + } + + } else { //STANDARD LOGIN + if (password_verify($password, $user_data['password'])) { + $token = createCommunicationToken($user_data['userkey']); + + //RETURN JWT AND CLIENTSECRET + $user = array( + 'clientID' => $user_data['id'], + 'token' => $token, + 'clientsecret' => $user_data['userkey'] + ); + + //Reset login count after succesfull attempt + $login_attempt = 0; + $stmt_login = $pdo->prepare($sql_login); + $stmt_login->execute([$login_attempt, $user_data['id']]); + + //Encrypt results + $messages = $user; + //Send results + print_r($messages); + + } + else { + //Update Login count with failed attempt + $login_attempt = 
$user_data['login_count'] + 1; + $stmt_login = $pdo->prepare($sql_login); + $stmt_login->execute([$login_attempt, $user_data['id']]); + //Send Response + http_response_code(403); //Not authorized + } + } + } else { + //User is blocked & send error + $messages = '1'; + //------------------------------------------ + //Send results + //------------------------------------------ + echo $messages; + } +} elseif (array_key_exists('resetkey', $user_credentials)) { + if ($user_credentials['resetkey'] != ''){ + //UPDATE PASSWORD BASED ON RESETKEY + $password = $user_credentials['password']; + $passwordvalid = password_hash($password, PASSWORD_DEFAULT); + $stmt = $pdo->prepare('UPDATE users SET password = ? WHERE resetkey = ? '); + $stmt->execute([$passwordvalid, $user_credentials['resetkey']]); + + // + } else { + http_response_code(403);//Not authorized + } +} +else +{ + http_response_code(403);//Not authorized +} + +?> \ No newline at end of file diff --git a/api/v2/get/changelog.php b/api/v2/get/changelog.php new file mode 100644 index 0000000..09e3203 --- /dev/null +++ b/api/v2/get/changelog.php 
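Review bot: The reset branch at the bottom runs `UPDATE users SET password = ? WHERE resetkey = ?` on the submitted key alone: in the visible lines the key's signature and 30-minute `exp` are never checked, the key is not cleared after use, and the branch is reached only when the username lookup did not return exactly one row. Validate the key with the project's JWT check before the update, tie it to the user named in its payload, and clear it in the same statement, e.g. `UPDATE users SET password = ?, resetkey = '' WHERE resetkey = ?`. A reset request also increments `login_count`, so the lockout counter can be used up by reset requests alone; count those separately from failed password attempts. The successful login path emits the token array with `print_r($messages)` under an `//Encrypt results` comment, where `json_encode` would give clients a parseable body. The beginning of the file is not visible in this view.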
@@ -0,0 +1,141 @@ +prepare($sql); +//Bind to query +if (str_contains($whereclause, ':condition')){ + $stmt->bindValue('condition', $condition, PDO::PARAM_STR); +} +if (!empty($criterias)){ + foreach ($criterias as $key => $value){ + $key_condition = ':'.$key; + if (str_contains($whereclause, $key_condition)){ + if ($key == 'search'){ + $search_value = '%'.$value.'%'; + $stmt->bindValue($key, $search_value, PDO::PARAM_STR); + } + else { + $stmt->bindValue($key, $value, PDO::PARAM_STR); + } + } + //CHECK IF BETWEEN STATEMENT IS SENT + if (str_contains($whereclause, ':start') && str_contains($whereclause, ':end')){ + //DATES ARE DELIM WITH || + $dates = explode("||", $value); + $stmt->bindValue('start', $dates[0], PDO::PARAM_STR); + $stmt->bindValue('end', $dates[1], PDO::PARAM_STR); + } + } +} + +//------------------------------------------ +// Debuglog +//------------------------------------------ +if (debug){ + $message = $date.';'.$sql.';'.$username; + debuglog($message); +} + +//Add paging details +if(isset($criterias['totals']) && $criterias['totals']==''){ + $stmt->execute(); + $messages = $stmt->fetch(); + $messages = $messages[0]; +} +elseif ($criterias['reporttype']){ + //Excute Query + $stmt->execute(); + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} +else { + $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1; + $stmt->bindValue('page', ($current_page - 1) * $page_rows_changelog, PDO::PARAM_INT); + $stmt->bindValue('num_changelog', $page_rows_changelog, PDO::PARAM_INT); + + //Excute Query + $stmt->execute(); + + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} + +//------------------------------------------ +//JSON_DECODE +//------------------------------------------ +$messages = json_encode($messages, JSON_UNESCAPED_UNICODE); +//Send results +echo $messages; + +?> \ No newline at end of file 
diff --git a/api/v2/get/equipments.php b/api/v2/get/equipments.php new file mode 100644 index 0000000..a780cfe --- /dev/null +++ b/api/v2/get/equipments.php 
@@ -0,0 +1,304 @@ +soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';} + +//default whereclause +$whereclause = ''; + +switch ($permission) { + case '4': + $whereclause = ''; + break; + case '3': + $whereclause = ''; + break; + case '2': + $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search; + $whereclause = 'WHERE e.accounthierarchy like :condition '; + break; + default: + $condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%'; + $whereclause = 'WHERE e.accounthierarchy like :condition '; + break; +} +//------------------------------------------ +//NEW ARRAY +//------------------------------------------ +$criterias = []; +$clause = ''; + +//------------------------------------------ +//Check for $_GET variables and build up clause +//------------------------------------------ +if(isset($get_content) && $get_content!=''){ + //GET VARIABLES FROM URL + $requests = explode("&", $get_content); + //Check for keys and values + foreach ($requests as $y){ + $v = explode("=", $y); + //INCLUDE VARIABLES IN ARRAY + $criterias[$v[0]] = $v[1]; + if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='products' || $v[0] =='totals' || $v[0] =='history' || $v[0] =='success_msg' || $v[0] =='download' || $v[0] =='sort'){ + //do nothing + } + elseif ($v[0] == 'equipmentid') { + //build up search + $clause .= ' AND e.rowID = :'.$v[0]; + } + elseif ($v[0] == 'servicedate') { + //build up service coverage + $clause .= ' AND e.service_date <= :'.$v[0]; + } + elseif ($v[0] == 'warrantydate') { + //build up warranty coverage + $clause .= ' AND e.warranty_date >= :'.$v[0]; + } + elseif ($v[0] == 'historyid') { + //build up history ID + $clause .= ' 
AND h.rowID = :'.$v[0]; + } + elseif ($v[0] == 'type') { + //build up history ID + $clause .= ' AND h.type = :'.$v[0]; + } + elseif ($v[0] == 'h_equipmentid') { + //build up search + $clause .= ' AND h.equipmentid = :'.$v[0]; + } + elseif ($v[0] == 'status') { + //Update status based on status + $clause .= ' AND e.'.$v[0].' = :'.$v[0]; + $status = $v[1]; + } + elseif ($v[0] == 'search') { + //build up search + $clause .= ' AND (serialnumber like :'.$v[0].' OR e.rowID like :'.$v[0].')'; + } + elseif ($v[0] == 'partnerid') { + //build up accounthierarchy + $clause .= ' AND e.accounthierarchy like :'.$v[0]; + } + elseif ($v[0] == 'serialnumber') { + //build up serialnumber + //check if multiple serialnumbers are provided + if (str_contains($v[1], ',')){ + $inputs = explode(",",$v[1]); + $new_querystring = ''; //empty querystring + $x=0; + foreach($inputs as $input){ + //create key + $new_key = $v[0].'_'.$x; + //inject new key/value to array + $criterias[$new_key] = $input; + $new_querystring .= ':'.$new_key.','; + $x++; + } + //remove obsolete last character from new_querystring + $new_querystring = substr($new_querystring,0, -1); + //add new_querystring to clause + $clause .= ' AND e.serialnumber IN ('.$new_querystring.')'; + //remove original key/value from array + unset($criterias[$v[0]]); + } + else { + $clause .= ' AND e.serialnumber IN (:'.$v[0].')'; + } + } + elseif ($v[0] == 'firmware') { + //Include systemfirwmare + include './settings/systemfirmware.php'; + //build up search + $clause .= ' AND e.status != 5 AND e.sw_version not like "'.substr($FirmwarenameR06, 0, -4).'%"'; + } + else {//create clause + $clause .= ' AND '.$v[0].' 
= :'.$v[0]; + } + } + if ($whereclause == '' && $clause !=''){ + $whereclause = 'WHERE '.substr($clause, 4); + } else { + $whereclause .= $clause; + } +} +if (isset($criterias['download']) && $criterias['download'] ==''){ +//Request for download +$sql = 'SELECT e.rowID as equipmentID, e.*, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY equipmentID'; +} +elseif (isset($criterias['totals']) && $criterias['totals'] =='' && !isset($criterias['type'])){ +//Request for total rows + $sql = 'SELECT count(*) as count from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.''; +} +elseif (isset($criterias['products']) && $criterias['products'] ==''){ + //Request for all products in equipment view + $sql = 'SELECT distinct(p.productcode), p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY p.productcode'; +} +elseif (isset($criterias['totals']) && $criterias['totals'] =='' && isset($criterias['type'])){ + //Request for total rows for history reports + $sql ='SELECT count(*) as count from history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.''; +} +elseif (isset($criterias['history']) && $criterias['history'] != ''){ + + //History INDICATOR + /* + 0 Show All + 1 Created DESC, LIMIT 5 + */ + + switch ($criterias['history']) { + case 1: + $sort = ' ORDER BY h.created DESC LIMIT 0,'.$page_rows_equipment_servicereporst; + break; + + default: + $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? 
(int)$criterias['p'] : 1; + $start_page = ($current_page - 1) * $page_rows_history; + $sort = ' ORDER BY h.created DESC LIMIT '.$start_page.','.$page_rows_history; + break; + } + //request history + $sql ='SELECT h.rowID as historyID, e.rowID as equipmentID, h.equipmentid as h_equipmentid, e.serialnumber, h.type, h.description, h.created, h.createdby from history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.$sort; +} +else { + // GET SORT INDICATOR + $sort_indicator = $criterias['sort'] ?? ''; + + /* + 1 Serialnumber ASC + 2 Serialnumber DESC + 3 Status ASC + 4 Status DESC + 5 Warranty ASC + 6 Warranty DESC + 7 Service ASC + 8 Service DESC + 9 Latest ASC + 10 Latest DESC + */ + + switch ($sort_indicator){ + case 1: + $sort = ' e.serialnumber ASC '; + break; + case 2: + $sort = ' e.serialnumber DESC '; + break; + case 3: + $sort = ' e.status ASC '; + break; + case 4: + $sort = ' e.status DESC '; + break; + case 5: + $sort = ' e.warranty_date ASC '; + break; + case 6: + $sort = ' e.warranty_date DESC '; + break; + case 7: + $sort = ' e.service_date ASC '; + break; + case 8: + $sort = ' e.service_date DESC '; + break; + case 9: + $sort = ' e.created DESC '; + break; + case 10: + $sort = ' e.created ASC '; + break; + default: + $sort = ' equipmentID '; + break; + } + + //SQL for Paging + $sql = 'SELECT e.rowID as equipmentID, e.*, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY '.$sort.' 
LIMIT :page,:num_products'; +} + +$stmt = $pdo->prepare($sql); + +//------------------------------------------ +//Bind to query +//------------------------------------------ +if (str_contains($whereclause, ':status')){ + $stmt->bindValue('status', $status, PDO::PARAM_INT); +} +if (str_contains($whereclause, ':condition')){ + $stmt->bindValue('condition', $condition, PDO::PARAM_STR); +} + +if (!empty($criterias)){ + foreach ($criterias as $key => $value){ + $key_condition = ':'.$key; + if (str_contains($whereclause, $key_condition)){ + if ($key == 'search'){ + $search_value = '%'.$value.'%'; + $stmt->bindValue($key, $search_value, PDO::PARAM_STR); + } + elseif ($key == 'partnerid'){ + $search_value = '%"_"'.$value.'-%'; + $stmt->bindValue($key, $search_value, PDO::PARAM_STR); + } + elseif ($key == 'p'){ + //Do nothing (bug) + } + else { + $stmt->bindValue($key, $value, PDO::PARAM_STR); + } + } + } +} + +//------------------------------------------ +// Debuglog +//------------------------------------------ +if (debug){ + $message = $date.';'.$sql.';'.$username; + debuglog($message); +} +//------------------------------------------ +//Add paging details +//------------------------------------------ +if(isset($criterias['totals']) && $criterias['totals']==''){ + $stmt->execute(); + $messages = $stmt->fetch(); + $messages = $messages[0]; +} +elseif ((isset($criterias['history']) && $criterias['history'] !='') || (isset($criterias['products']) && $criterias['products'] =='') || (isset($criterias['download']) && $criterias['download'] =='')){ + //Excute Query + $stmt->execute(); + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} +else { + $current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? 
(int)$criterias['p'] : 1; + $stmt->bindValue('page', ($current_page - 1) * $page_rows_equipment, PDO::PARAM_INT); + $stmt->bindValue('num_products', $page_rows_equipment, PDO::PARAM_INT); + //Excute Query + $stmt->execute(); + //Get results + $messages = $stmt->fetchAll(PDO::FETCH_ASSOC); +} +//------------------------------------------ +//JSON_DECODE +//------------------------------------------ +$messages = json_encode($messages, JSON_UNESCAPED_UNICODE); +//------------------------------------------ +//Send results +//------------------------------------------ +echo $messages; + +?> \ No newline at end of file diff --git a/api/v2/get/user_credentials.php b/api/v2/get/user_credentials.php new file mode 100644 index 0000000..8ee04a2 --- /dev/null +++ b/api/v2/get/user_credentials.php @@ -0,0 +1,40 @@ +prepare('SELECT * FROM users WHERE service = ? OR userkey = ?'); +//Translate userkey to cliensecret +$clientsecret = $userkey; +//Excute Query +$stmt->execute([$clientsecret, $clientsecret]); +// Check if username exists. +if ($stmt->rowCount() == 1) { + //Get results + $user_data = $stmt->fetch(); + //Define User data + $partnerhierarchy = $user_data['partnerhierarchy']; + $permission = userRights($user_data['view']); + $profile= getProfile($user_data['settings'],$permission); + $username = $user_data['username']; + $useremail = $user_data['email']; + $servicekey = $user_data['service']; + $language = $user_data['language']; + $partner = json_decode($partnerhierarchy); + $clientsecret = $user_data['userkey']; + + //Update Lastlogin + $logindate = date('Y-m-d H:i:s'); + $stmt = $pdo->prepare('UPDATE users SET lastlogin = ? WHERE id = ?'); + //Excute Query + $stmt->execute([$logindate, $user_data['id']]); +} else +{ + http_response_code(403);//Not authorized +} + +?> \ No newline at end of file diff --git a/api/v2/post/debug.php b/api/v2/post/debug.php new file mode 100644 index 0000000..9c01879 --- /dev/null +++ b/api/v2/post/debug.php @@ -0,0 +1,19 @@ + - + 
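Review bot: The `search` clause, `' AND (serialnumber like :'.$v[0].' OR e.rowID like :'.$v[0].')'`, uses the named placeholder `:search` twice while the bind loop binds it once; PDO accepts a repeated named placeholder only with emulated prepares, and whether those are enabled is not visible here. Use two names, e.g. `:search` and `:search_id`, and bind both. In the bind section `:status` is bound as `PDO::PARAM_INT` and then bound again as a string by the `$criterias` loop, so one of the two binds can go. `$criterias[$v[0]] = $v[1];` raises an undefined-index notice for a parameter sent without `=`.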
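Review bot: The failure branch of api/v2/get/user_credentials.php only calls `http_response_code(403)` and then falls off the end of the file, so if the endpoints include this file (its variables suggest they do) they carry on with `$permission`, `$partner` and `$username` unset. Add `exit;` after the status call so an unknown key stops the request here. The lookup `WHERE service = ? OR userkey = ?` matches the same value against either column and, unlike the login code in api/v2/authorization.php, does not look at `login_count`; if blocked accounts should lose API access too, check it here. The start of the file, including where `$userkey` comes from, is not visible in this view.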
@@ -323,6 +323,26 @@ function generate_payload($payload) { return $payload_input; } +//------------------------------------------ +//ENCRYPT PAYLOAD +//------------------------------------------ +function encrypt($input, $password) { + + //CHECK IF INPUT IS ARRAY => THEN SERIALIZE INPUT + if (is_array($input)){ + $input = serialize($input); + } + + $method = "AES-256-CBC"; + $key = hash('sha256', $password, true); + $iv = openssl_random_pseudo_bytes(16); + + $ciphertext = openssl_encrypt($input, $method, $key, OPENSSL_RAW_DATA, $iv); + $hash = hash_hmac('sha256', $ciphertext . $iv, $key, true); + + return $iv . $hash . $ciphertext; +} + //------------------------------------------ // Decode Payload @@ -355,6 +375,29 @@ function decode_payload($payload_input) { return $payload_decoded = json_decode($payload)->payload; } } +//------------------------------------------ +// Decrypt payload +//------------------------------------------ +function decrypt($ivHashCiphertext, $password) { + $method = "AES-256-CBC"; + $iv = substr($ivHashCiphertext, 0, 16); + $hash = substr($ivHashCiphertext, 16, 32); + $ciphertext = substr($ivHashCiphertext, 48); + $key = hash('sha256', $password, true); + + if (!hash_equals(hash_hmac('sha256', $ciphertext . $iv, $key, true), $hash)) return null; + + $decrypted = openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv); + + //UNSERIALE AND CHECK IF + $data = @unserialize($decrypted); + if ($data !== false) { + $decrypted = unserialize($decrypted); + } + + //RETURN DECRYPTED DATA + return $decrypted; +} function base64url_encode($data) { return rtrim(strtr(base64_encode($data), '+/', '-_'), '='); @@ -1823,7 +1866,6 @@ function downloadFile($file) { function serviceforecast($messages,$type){ if ($messages){ - $number = (($type == 'warranty')? 1 : 1); //GET TOTAL SERVICE COUNT $totalcount = 0; 
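Review bot: `encrypt()` derives its key as a single unsalted `hash('sha256', $password, true)` and uses that same key for AES-256-CBC and for the HMAC. If `$password` is a human-chosen secret, derive the key with `hash_pbkdf2` (or keep a random 32-byte key in configuration), and split it into separate encryption and MAC keys, e.g. `hash_hkdf('sha256', $key, 32, 'enc')` and `hash_hkdf('sha256', $key, 32, 'mac')`; `decrypt()` has to change in step. `random_bytes(16)` is the usual choice for the IV, and an `openssl_encrypt` result of `false` should be handled before the HMAC is computed. A docblock stating the output layout (16-byte IV, 32-byte HMAC, ciphertext) would help callers.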
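Review bot: `decrypt()` passes the plaintext to `unserialize()` twice with no class restriction, so a payload produced by any holder of the password can instantiate objects in this process, and a serialized `false` cannot be told apart from a plain string. Call it once and forbid objects, `$data = @unserialize($decrypted, ['allowed_classes' => false]);`, then `if ($data !== false || $decrypted === 'b:0;') { $decrypted = $data; }`; switching `encrypt()` to `json_encode` for arrays would avoid `unserialize` altogether. The function should also return `null` when the input is shorter than 48 bytes or when `openssl_decrypt` returns `false`, before anything is unserialized.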
@@ -1915,6 +1957,39 @@ function showlog($object,$objectID){ return $view; } +// +++++++++++++++++++++++++++++++++++++++++++++++++++++++ +// visual changelog +++++++++++++++ +// +++++++++++++++++++++++++++++++++++++++++++++++++++++++ +function changeLogVisual($totals,$details){ + if ($totals){ + //GET TOTAL COUNT + $totalcount = 0; + foreach ($totals as $total){ + $totalcount += $total['total']; + } + + //GET SERIALNUMBERS + $url_input = ''; //used to collect serialnumber for onclick event + foreach ($details as $detail){ + $url_input .= $detail['serialnumber'].','; + } + + $view = '
+
'; + + return $view; + } +} + + // +++++++++++++++++++++++++++++++++++++++++++++++++++++++ // download to excell function // +++++++++++++++++++++++++++++++++++++++++++++++++++++++ diff --git a/report_build.php b/report_build.php new file mode 100644 index 0000000..c371e99 --- /dev/null +++ b/report_build.php @@ -0,0 +1,153 @@ + +
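Review bot: `$url_input` in `changeLogVisual()` is built by appending `$detail['serialnumber'].','` in a loop, so it always ends in a comma, which the `serialnumber` filter in the equipments API would turn into an extra empty value; `implode(',', array_column($details, 'serialnumber'))` avoids that. The markup assigned to `$view` is not visible in this view; if `$url_input` is placed in an `onclick` or URL as the comment says, encode it for that context (`rawurlencode` for the query value, `htmlspecialchars` for the attribute). The function also returns nothing when `$totals` is empty, so callers get `null`; returning `''` makes that explicit.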
+ +
+

'.$buildreport_h2.'

+

'.$buildreport_p.'

+
+
+'; + +$view .= ' +
+
+
+

'.$product_location_raw.'

+

'.$query_total_raw.'

+
+ + +
+ +
+
+

'.$product_location_SFG.'

+

'.$query_total_sfg.'

+
+ + +
+ +
+
+

'.$product_location_FG.'

+

'.$query_total_sfg.'

+
+ + +
+ +
+
+

'.$status2_text.'

+

'.$query_total_onstock.'

+
+ + +
+
'; + +$details_SFG = changeLogVisual(json_decode(json_encode($query_SFG_total), true), json_decode(json_encode($query_SFG_details), true)); +$details_FG = changeLogVisual(json_decode(json_encode($query_FG_total), true),json_decode(json_encode($query_FG_details), true)); + +$view .= ' +
+
+
+ '.$data_build_sfg_view.' +
'.$details_SFG.'
+
+
+ '.$data_build_fg_view.' +
'.$details_FG.'
+
+'; + +//OUTPUT +echo $view; + +template_footer(); diff --git a/usage_reporting.php b/report_usage.php similarity index 97% rename from usage_reporting.php rename to report_usage.php index 4121830..ab9efa7 100644 --- a/usage_reporting.php +++ b/report_usage.php @@ -10,8 +10,9 @@ if (debug && debug_id == $_SESSION['id']){ include_once './assets/functions.php'; include_once './settings/settings.php'; +$page = 'report_usage'; //Check if allowed -if (debug_id != $_SESSION['id']){ +if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){ header('location: index.php'); exit; } @@ -88,7 +89,7 @@ function usageReportingView($messages){ return $view; } -template_header('Usage', 'usage'); +template_header('Usage', 'report_usage','view'); $view = '
diff --git a/settings/settingsmenu.php b/settings/settingsmenu.php new file mode 100644 index 0000000..d565de6 --- /dev/null +++ b/settings/settingsmenu.php 
@@ -0,0 +1,203 @@ + array( + "url" => "dashboard", + "selected" => "dashboard", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_dashboard" + ), + "equipments" => array( + "url" => "equipments", + "selected" => "assets", + "icon" => "fa-solid fa-database", + "name" => "menu_assets" + ), + "servicereports" => array( + "url" => "servicereports", + "selected" => "servicereports", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_service_reports" + ), + "histories" => array( + "url" => "histories", + "selected" => "histories", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_history" + ), + "firmwaretool" => array( + "url" => "firmwaretool", + "selected" => "firmwaretool", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_firmwaretool" + ), + "equipments_mass_update" => array( + "url" => "equipments_mass_update", + "selected" => "equipments_mass_update", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_equipments_mass_update" + ), + "products" => array( + "url" => "products&status=1", + "selected" => "products", + "icon" => "fas fa-box-open", + "name" => "menu_products" + ), + "sales" => array( + "url" => "accounts", + "selected" => "accounts", + "icon" => "fa-solid fa-bars", + "name" => "menu_sales" + ), + "accounts" => array( + "url" => "accounts", + "selected" => "accounts", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_sales_accounts" + ), + "contracts" => array( + "url" => "contracts", + "selected" => "contracts", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_sales_contracts" + ), + "admin" => array( + "url" => "partners", + "selected" => "partners", + "icon" => "fa-solid fa-bars", + "name" => "menu_admin" + ), + "users" => array( + "url" => "users", + "selected" => "users", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_admin_users" + ), + "communications" => array( + "url" => "communications", + "selected" => "communications", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_admin_communications" + ), + 
"partners" => array( + "url" => "partners", + "selected" => "partners", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_admin_partners" + ), + "settings" => array( + "url" => "settings", + "selected" => "settings", + "icon" => "fas fa-tools", + "name" => "menu_settings" + ), + "config" => array( + "url" => "settings", + "selected" => "settings", + "icon" => "fas fa-tools", + "name" => "menu_config" + ), + "language" => array( + "url" => "language", + "selected" => "language", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_language" + ), + "log" => array( + "url" => "logfile", + "selected" => "logfile", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_log" + ), + "marketing" => array( + "url" => "marketing&product_group=Emergency_Plug&product_content=Images", + "selected" => "marketing", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_marketing" + ), + "build" => array( + "url" => "buildtool", + "selected" => "buildtool", + "icon" => "fas fa-tachometer-alt", + "name" => "menu_build" + ), + "cartests" => array( + "url" => "cartests", + "selected" => "cartests", + "icon" => "fa-solid fa-car", + "name" => "menu_cartest" + ), + "reporting" => array( + "url" => "report_build", + "selected" => "report_build", + "icon" => "fa-solid fa-magnifying-glass-chart", + "name" => "menu_report_main" + ), + "report_build" => array( + "url" => "report_build", + "selected" => "report_build", + "icon" => "fa-solid fa-magnifying-glass-chart", + "name" => "menu_report_build" + ), + "report_usage" => array( + "url" => "report_usage", + "selected" => "report_usage", + "icon" => "fa-solid fa-magnifying-glass-chart", + "name" => "menu_report_usage" + ) +); + +$routes = array( + '/' => 'equipments.php', + 'equipments' => 'equipments.php', + 'products' => 'products.php', + 'logout' => 'logout.php' +); + +//------------------------------------------ +// Paging +//------------------------------------------ +$page_rows_equipment = 25; //list Equipment 
+$page_rows_history = 15; //list History +$page_rows_products = 10;//list producst +$page_rows_users = 15;//list users +$page_rows_partners = 15;//list partners +$page_rows_communication = 25; //list communications +$page_rows_accounts = 25 ;// list accounts +$page_rows_contracts = 25 ;// list contracts +$page_rows_cartest = 25 ;// list contracts +$page_rows_equipment_servicereporst = 5 ;// Number of service reports on equipment +$page_rows_changelog = 50 ;// Number of changelogs returned + +// +++++++++++++++++++++++++++++++++++++++++++++++++++++++ +// Marketing +++++++++++++++++++++++++++++++++++++ +// +++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +$main_marketing_dir = './marketing/'; + +$marketing_structure = array( +"Emergency_Plug" => array( + "Documents", + "Images", + "Video" + ) + ); \ No newline at end of file diff --git a/settings/translations/translations_DE.php b/settings/translations/translations_DE.php index c02a06e..6e6ec71 100644 --- a/settings/translations/translations_DE.php +++ b/settings/translations/translations_DE.php @@ -21,6 +21,9 @@ $menu_log = 'Protokoll'; $menu_marketing = 'Marketing'; $menu_build = 'Erstellen'; $menu_cartest = 'Fahrzeugdatenbank'; +$menu_report_main = 'Reports'; +$menu_report_build = 'Stock and Production'; +$menu_report_usage = 'System usage'; //TABS $tab1 = 'Allgemein'; 
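Review bot: Two items in the paging block of settings/settingsmenu.php need fixing: the comment on `$page_rows_cartest = 25 ;// list contracts` should read `// list car tests`, and the variable name `$page_rows_equipment_servicereporst` misspells "servicereports". The misspelled name is used in the same form in api/v2/get/equipments.php, so a rename has to touch both files. The `$routes` array lists only four targets while the menu array above it has many more entries; a comment saying how the remaining pages are routed would help the next reader.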
@@ -762,4 +765,17 @@ $cartest_allowed_label6 = 'Gelb'; $cartest_allowed_label7 = 'Blau'; $cartest_allowed_label8 = 'Rot'; $cartest_allowed_label9 = 'Bestanden'; -$cartest_allowed_label10 = 'Nicht bestanden'; \ No newline at end of file +$cartest_allowed_label10 = 'Nicht bestanden'; + +//--------------------------------- +//BUILD REPORT +//--------------------------------- +$buildreport_h2 = 'Stock and Production'; +$buildreport_p = 'Reporting'; + +$buildreport_raw_text = 'Total number '.$product_location_raw; +$buildreport_SFG_text = 'Total number '.$product_location_SFG; +$buildreport_FG_text = 'Total number '.$product_location_FG; +$buildreport_onstock_text = 'Total number '.$status2_text; +$data_build_sfg_view = $product_location_SFG.' produced in the last 7 days'; +$data_build_fg_view = $product_location_FG.' produced in the last 7 days'; diff --git a/settings/translations/translations_NL.php b/settings/translations/translations_NL.php index f07dd97..7edfbcd 100644 --- a/settings/translations/translations_NL.php +++ b/settings/translations/translations_NL.php @@ -21,6 +21,9 @@ $menu_log = 'Log'; $menu_marketing = 'Marketing'; $menu_build = 'Build'; $menu_cartest = 'Auto database'; +$menu_report_main = 'Rapporten'; +$menu_report_build = 'Voorraad en Productie'; +$menu_report_usage = 'Systeemgebruik'; //TABS $tab1 = 'Algemeen'; 
@@ -734,4 +737,17 @@ $cartest_allowed_label6 = 'Geel'; $cartest_allowed_label7 = 'Blauw'; $cartest_allowed_label8 = 'Rood'; $cartest_allowed_label9 = 'Goed'; -$cartest_allowed_label10 = 'Fout'; \ No newline at end of file +$cartest_allowed_label10 = 'Fout'; + +//--------------------------------- +//BUILD REPORT +//--------------------------------- +$buildreport_h2 = 'Voorraad en Productie'; +$buildreport_p = 'Rapporten'; + +$buildreport_raw_text = 'Totaal aantal '.$product_location_raw; +$buildreport_SFG_text = 'Totaal aantal '.$product_location_SFG; +$buildreport_FG_text = 'Totaal aantal '.$product_location_FG; +$buildreport_onstock_text = 'Totaal aantal '.$status2_text; +$data_build_sfg_view = $product_location_SFG.' geproduceerd in de laatste 7 dagen'; +$data_build_fg_view = $product_location_FG.' geproduceerd in de laatste 7 dagen'; diff --git a/settings/translations/translations_US.php b/settings/translations/translations_US.php index ab7dfd3..c38ffb2 100644 --- a/settings/translations/translations_US.php +++ b/settings/translations/translations_US.php @@ -21,6 +21,9 @@ $menu_log = 'Log'; $menu_marketing = 'Marketing'; $menu_build = 'Build'; $menu_cartest = 'Car database'; +$menu_report_main = 'Reports'; +$menu_report_build = 'Stock and Production'; +$menu_report_usage = 'System usage'; //TABS $tab1 = 'General'; 
@@ -731,4 +734,17 @@ $cartest_allowed_label6 = 'Yellow'; $cartest_allowed_label7 = 'Blue'; $cartest_allowed_label8 = 'Red'; $cartest_allowed_label9 = 'Pass'; -$cartest_allowed_label10 = 'Fail'; \ No newline at end of file +$cartest_allowed_label10 = 'Fail'; + +//--------------------------------- +//BUILD REPORT +//--------------------------------- +$buildreport_h2 = 'Stock and Production'; +$buildreport_p = 'Reporting'; + +$buildreport_raw_text = 'Total number '.$product_location_raw; +$buildreport_SFG_text = 'Total number '.$product_location_SFG; +$buildreport_FG_text = 'Total number '.$product_location_FG; +$buildreport_onstock_text = 'Total number '.$status2_text; +$data_build_sfg_view = $product_location_SFG.' produced in the last 7 days'; +$data_build_fg_view = $product_location_FG.' produced in the last 7 days';