pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'development'

Browse Source
This commit is contained in:
“VeLiTi”
2024-08-30 15:02:09 +02:00
parent 4a3ccd04dd 0532f93bd9
commit aeafacc12f
16 changed files with 1287 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api.php
View File

@@ -95,7 +95,7 @@ if($is_jwt_valid && str_contains($version, 'v')) {
}
else
{
echo null;
http_response_code(403); //Forbidden
}
//------------------------------------------

141
api/v1/get/changelog.php Normal file
View File

@@ -0,0 +1,141 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Changelog
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//NEW ARRAY
$criterias = [];
$whereclause = '';
$clause = '';
//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
$requests = explode("&", $get_content);
//Check for keys and values
foreach ($requests as $y){
$v = explode("=", $y);
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='between' || $v[0] =='totals' || $v[0] =='reporttype' || $v[0] =='download' || $v[0] =='list'|| $v[0] =='success_msg'){
//do nothing
}
elseif ($v[0] == 'search') {
//build up search
$clause .= ' AND (c.objectID like :'.$v[0].')';
}
else {//create clause
$clause .= ' AND '.$v[0].' = :'.$v[0];
}
}
if (isset($criterias['between']) && $criterias['between'] !=''){
//ADD BETWEEN STATEMENT IF BETWEEN IS IN URL
//BETWEEN delim ||
$clause .= ' AND (c.created BETWEEN :start AND :end)';
}
if ($whereclause == '' && $clause !=''){
$whereclause = 'WHERE '.substr($clause, 4);
} else {
$whereclause .= $clause;
}
}
//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
$sql = 'SELECT count(*) as count FROM changelog c '.$whereclause;
}
elseif(isset($criterias['download']) && $criterias['download'] ==''){
//Request for total rows
$sql = 'SELECT * FROM changelog c '.$whereclause;
}
elseif(isset($criterias['reporttype']) && $criterias['reporttype'] !=''){
//SQL BASED ON REPORTTYPE
// 1 = Totals
// 2 = All
switch ($criterias['reporttype']) {
case 1:
$sql = "SELECT count(distinct(c.objectID)) as total, DAY(c.created) as DoW , WEEK (c.created) as WoW, c.object_value FROM changelog c LEFT JOIN equipment e ON c.objectID = e.rowID $whereclause GROUP BY DoW ORDER BY WoW, DoW";
break;
case 2:
$sql = "SELECT distinct(c.objectID) as objectID, DAY(c.created) as DoW , WEEK (c.created) as WoW, c.object_value, e.serialnumber FROM changelog c LEFT JOIN equipment e ON c.objectID = e.rowID $whereclause ORDER BY WoW, DoW";
break;
}
}
else {
//SQL for Paging
$sql = "SELECT c.*,e.* FROM changelog c LEFT JOIN equipment e ON c.objectID = e.rowID $whereclause ORDER BY c.rowID DESC LIMIT :page,:num_changelog";
}
$stmt = $pdo->prepare($sql);
//Bind to query
if (str_contains($whereclause, ':condition')){
$stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}
if (!empty($criterias)){
foreach ($criterias as $key => $value){
$key_condition = ':'.$key;
if (str_contains($whereclause, $key_condition)){
if ($key == 'search'){
$search_value = '%'.$value.'%';
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
}
else {
$stmt->bindValue($key, $value, PDO::PARAM_STR);
}
}
//CHECK IF BETWEEN STATEMENT IS SENT
if (str_contains($whereclause, ':start') && str_contains($whereclause, ':end')){
//DATES ARE DELIM WITH ||
$dates = explode("||", $value);
$stmt->bindValue('start', $dates[0], PDO::PARAM_STR);
$stmt->bindValue('end', $dates[1], PDO::PARAM_STR);
}
}
}
//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
$message = $date.';'.$sql.';'.$username;
debuglog($message);
}
//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
$stmt->execute();
$messages = $stmt->fetch();
$messages = $messages[0];
}
elseif ($criterias['reporttype']){
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
$stmt->bindValue('page', ($current_page - 1) * $page_rows_changelog, PDO::PARAM_INT);
$stmt->bindValue('num_changelog', $page_rows_changelog, PDO::PARAM_INT);
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
//------------------------------------------
//JSON_DECODE
//------------------------------------------
$messages = generate_payload($messages);
//Send results
echo $messages;
?>

30
api/v1/get/equipments.php
View File

@@ -91,12 +91,42 @@ if(isset($get_content) && $get_content!=''){
//build up accounthierarchy
$clause .= ' AND e.accounthierarchy like :'.$v[0];
}
elseif ($v[0] == 'productcode') {
//build up accounthierarchy
$clause .= ' AND p.productcode = :'.$v[0];
}
elseif ($v[0] == 'firmware') {
//Include systemfirwmare
include './settings/systemfirmware.php';
//build up search
$clause .= ' AND e.status != 5 AND e.sw_version not like "'.substr($FirmwarenameR06, 0, -4).'%"';
}
elseif ($v[0] == 'serialnumber') {
//build up serialnumber
//check if multiple serialnumbers are provided
if (str_contains($v[1], ',')){
$inputs = explode(",",$v[1]);
$new_querystring = ''; //empty querystring
$x=0;
foreach($inputs as $input){
//create key
$new_key = $v[0].'_'.$x;
//inject new key/value to array
$criterias[$new_key] = $input;
$new_querystring .= ':'.$new_key.',';
$x++;
}
//remove obsolete last character from new_querystring
$new_querystring = substr($new_querystring,0, -1);
//add new_querystring to clause
$clause .= ' AND e.serialnumber IN ('.$new_querystring.')';
//remove original key/value from array
unset($criterias[$v[0]]);
}
else {
$clause .= ' AND e.serialnumber IN (:'.$v[0].')';
}
}
else {//create clause
$clause .= ' AND '.$v[0].' = :'.$v[0];
}

19
api/v1/post/debug.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// DEBUG
//------------------------------------------
//CONTENT FROM API (POST)
$post_content = json_decode(decode_payload($input),true);
//ADD POST CONTENT TO DEBUG LOG
//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
$message = $date.';'.$post_content.';'.$username;
debuglog($message);
}

105
api/v2/authorization.php Normal file
View File

@@ -0,0 +1,105 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Get user_details
//------------------------------------------
$user_credentials = json_decode($input,true);
//Connect to DB
$pdo = dbConnect($dbname);
$username = $user_credentials['username'] ?? '';
//Define Query
$stmt = $pdo->prepare('SELECT * FROM users WHERE username = ?');
//Excute Query
$stmt->execute([$username]);
//SETUP SQL FOR LOGIN_COUNT
$sql_login = 'UPDATE users SET login_count = ? WHERE id = ?';
// Check if username exists. Verify user exists then verify
if ($stmt->rowCount() == 1) {
$user_data = $stmt->fetch();
$permission = userRights($user_data['view']);
$profile = getProfile($user_data['settings'],$permission);
$password = $user_credentials['password'];
if ($user_data['login_count'] < 5){
if (array_key_exists('resetkey', $user_credentials)){
if ($user_credentials['resetkey'] == ''){
//Reset procedure
//STEP 1.A- Create resetkey
$headers = array('alg'=>'HS256','typ'=>'JWT');
$payload = array('username'=>$user_data['username'], 'exp'=>(time() + 1800));
$resetkey = generate_jwt($headers, $payload);
//STEP 1.B Store in DB
$sql = 'UPDATE users SET resetkey = ? WHERE id = ?';
$stmt = $pdo->prepare($sql);
$stmt->execute([$resetkey,$user_data['id']]);
//STEP 2- Send to user
include_once './assets/mail/email_template_reset.php';
send_mail($user_data['email'],$subject,$message,'','');
//STEP 3- Update Login count
$login_attempt = $user_data['login_count'] + 1;
$stmt_login = $pdo->prepare($sql_login);
$stmt_login->execute([$login_attempt, $user_data['id']]);
}
} else { //STANDARD LOGIN
if (password_verify($password, $user_data['password'])) {
$token = createCommunicationToken($user_data['userkey']);
//RETURN JWT AND CLIENTSECRET
$user = array(
'clientID' => $user_data['id'],
'token' => $token,
'clientsecret' => $user_data['userkey']
);
//Reset login count after succesfull attempt
$login_attempt = 0;
$stmt_login = $pdo->prepare($sql_login);
$stmt_login->execute([$login_attempt, $user_data['id']]);
//Encrypt results
$messages = $user;
//Send results
print_r($messages);
}
else {
//Update Login count with failed attempt
$login_attempt = $user_data['login_count'] + 1;
$stmt_login = $pdo->prepare($sql_login);
$stmt_login->execute([$login_attempt, $user_data['id']]);
//Send Response
http_response_code(403); //Not authorized
}
}
} else {
//User is blocked & send error
$messages = '1';
//------------------------------------------
//Send results
//------------------------------------------
echo $messages;
}
} elseif (array_key_exists('resetkey', $user_credentials)) {
if ($user_credentials['resetkey'] != ''){
//UPDATE PASSWORD BASED ON RESETKEY
$password = $user_credentials['password'];
$passwordvalid = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare('UPDATE users SET password = ? WHERE resetkey = ? ');
$stmt->execute([$passwordvalid, $user_credentials['resetkey']]);
//
} else {
http_response_code(403);//Not authorized
}
}
else
{
http_response_code(403);//Not authorized
}
?>

141
api/v2/get/changelog.php Normal file
View File

@@ -0,0 +1,141 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Changelog
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//NEW ARRAY
$criterias = [];
$whereclause = '';
$clause = '';
//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
$requests = explode("&", $get_content);
//Check for keys and values
foreach ($requests as $y){
$v = explode("=", $y);
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='between' || $v[0] =='totals' || $v[0] =='reporttype' || $v[0] =='download' || $v[0] =='list'|| $v[0] =='success_msg'){
//do nothing
}
elseif ($v[0] == 'search') {
//build up search
$clause .= ' AND (c.objectID like :'.$v[0].')';
}
else {//create clause
$clause .= ' AND '.$v[0].' = :'.$v[0];
}
}
if (isset($criterias['between']) && $criterias['between'] !=''){
//ADD BETWEEN STATEMENT IF BETWEEN IS IN URL
//BETWEEN delim ||
$clause .= ' AND (c.created BETWEEN :start AND :end)';
}
if ($whereclause == '' && $clause !=''){
$whereclause = 'WHERE '.substr($clause, 4);
} else {
$whereclause .= $clause;
}
}
//Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows
$sql = 'SELECT count(*) as count FROM changelog c '.$whereclause;
}
elseif(isset($criterias['download']) && $criterias['download'] ==''){
//Request for total rows
$sql = 'SELECT * FROM changelog c '.$whereclause;
}
elseif(isset($criterias['reporttype']) && $criterias['reporttype'] !=''){
//SQL BASED ON REPORTTYPE
// 1 = Totals
// 2 = All
switch ($criterias['reporttype']) {
case 1:
$sql = "SELECT count(distinct(c.objectID)) as total, DAY(c.created) as DoW , WEEK (c.created) as WoW, c.object_value FROM changelog c LEFT JOIN equipment e ON c.objectID = e.rowID $whereclause GROUP BY DoW ORDER BY WoW, DoW";
break;
case 2:
$sql = "SELECT distinct(c.objectID) as objectID, DAY(c.created) as DoW , WEEK (c.created) as WoW, c.object_value, e.serialnumber FROM changelog c LEFT JOIN equipment e ON c.objectID = e.rowID $whereclause ORDER BY WoW, DoW";
break;
}
}
else {
//SQL for Paging
$sql = "SELECT c.*,e.* FROM changelog c LEFT JOIN equipment e ON c.objectID = e.rowID $whereclause ORDER BY c.rowID DESC LIMIT :page,:num_changelog";
}
$stmt = $pdo->prepare($sql);
//Bind to query
if (str_contains($whereclause, ':condition')){
$stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}
if (!empty($criterias)){
foreach ($criterias as $key => $value){
$key_condition = ':'.$key;
if (str_contains($whereclause, $key_condition)){
if ($key == 'search'){
$search_value = '%'.$value.'%';
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
}
else {
$stmt->bindValue($key, $value, PDO::PARAM_STR);
}
}
//CHECK IF BETWEEN STATEMENT IS SENT
if (str_contains($whereclause, ':start') && str_contains($whereclause, ':end')){
//DATES ARE DELIM WITH ||
$dates = explode("||", $value);
$stmt->bindValue('start', $dates[0], PDO::PARAM_STR);
$stmt->bindValue('end', $dates[1], PDO::PARAM_STR);
}
}
}
//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
$message = $date.';'.$sql.';'.$username;
debuglog($message);
}
//Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){
$stmt->execute();
$messages = $stmt->fetch();
$messages = $messages[0];
}
elseif ($criterias['reporttype']){
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
$stmt->bindValue('page', ($current_page - 1) * $page_rows_changelog, PDO::PARAM_INT);
$stmt->bindValue('num_changelog', $page_rows_changelog, PDO::PARAM_INT);
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
//------------------------------------------
//JSON_DECODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//Send results
echo $messages;
?>

304
api/v2/get/equipments.php Normal file
View File

@@ -0,0 +1,304 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Equipments
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//Get user_rights from users.php
$partner = json_decode($partnerhierarchy);
//SoldTo is empty
if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
//default whereclause
$whereclause = '';
switch ($permission) {
case '4':
$whereclause = '';
break;
case '3':
$whereclause = '';
break;
case '2':
$condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search;
$whereclause = 'WHERE e.accounthierarchy like :condition ';
break;
default:
$condition = '__salesid___'.$partner->salesid.'___soldto___'.substr($partner->soldto, 0, strpos($partner->soldto, "-")).$soldto_search.'___shipto___'.substr($partner->shipto, 0, strpos($partner->shipto, "-")).'%___location___'.substr($partner->location, 0, strpos($partner->location, "-")).'%';
$whereclause = 'WHERE e.accounthierarchy like :condition ';
break;
}
//------------------------------------------
//NEW ARRAY
//------------------------------------------
$criterias = [];
$clause = '';
//------------------------------------------
//Check for $_GET variables and build up clause
//------------------------------------------
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
$requests = explode("&", $get_content);
//Check for keys and values
foreach ($requests as $y){
$v = explode("=", $y);
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
if ($v[0] == 'page' || $v[0] =='p' || $v[0] =='products' || $v[0] =='totals' || $v[0] =='history' || $v[0] =='success_msg' || $v[0] =='download' || $v[0] =='sort'){
//do nothing
}
elseif ($v[0] == 'equipmentid') {
//build up search
$clause .= ' AND e.rowID = :'.$v[0];
}
elseif ($v[0] == 'servicedate') {
//build up service coverage
$clause .= ' AND e.service_date <= :'.$v[0];
}
elseif ($v[0] == 'warrantydate') {
//build up warranty coverage
$clause .= ' AND e.warranty_date >= :'.$v[0];
}
elseif ($v[0] == 'historyid') {
//build up history ID
$clause .= ' AND h.rowID = :'.$v[0];
}
elseif ($v[0] == 'type') {
//build up history ID
$clause .= ' AND h.type = :'.$v[0];
}
elseif ($v[0] == 'h_equipmentid') {
//build up search
$clause .= ' AND h.equipmentid = :'.$v[0];
}
elseif ($v[0] == 'status') {
//Update status based on status
$clause .= ' AND e.'.$v[0].' = :'.$v[0];
$status = $v[1];
}
elseif ($v[0] == 'search') {
//build up search
$clause .= ' AND (serialnumber like :'.$v[0].' OR e.rowID like :'.$v[0].')';
}
elseif ($v[0] == 'partnerid') {
//build up accounthierarchy
$clause .= ' AND e.accounthierarchy like :'.$v[0];
}
elseif ($v[0] == 'serialnumber') {
//build up serialnumber
//check if multiple serialnumbers are provided
if (str_contains($v[1], ',')){
$inputs = explode(",",$v[1]);
$new_querystring = ''; //empty querystring
$x=0;
foreach($inputs as $input){
//create key
$new_key = $v[0].'_'.$x;
//inject new key/value to array
$criterias[$new_key] = $input;
$new_querystring .= ':'.$new_key.',';
$x++;
}
//remove obsolete last character from new_querystring
$new_querystring = substr($new_querystring,0, -1);
//add new_querystring to clause
$clause .= ' AND e.serialnumber IN ('.$new_querystring.')';
//remove original key/value from array
unset($criterias[$v[0]]);
}
else {
$clause .= ' AND e.serialnumber IN (:'.$v[0].')';
}
}
elseif ($v[0] == 'firmware') {
//Include systemfirwmare
include './settings/systemfirmware.php';
//build up search
$clause .= ' AND e.status != 5 AND e.sw_version not like "'.substr($FirmwarenameR06, 0, -4).'%"';
}
else {//create clause
$clause .= ' AND '.$v[0].' = :'.$v[0];
}
}
if ($whereclause == '' && $clause !=''){
$whereclause = 'WHERE '.substr($clause, 4);
} else {
$whereclause .= $clause;
}
}
if (isset($criterias['download']) && $criterias['download'] ==''){
//Request for download
$sql = 'SELECT e.rowID as equipmentID, e.*, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY equipmentID';
}
elseif (isset($criterias['totals']) && $criterias['totals'] =='' && !isset($criterias['type'])){
//Request for total rows
$sql = 'SELECT count(*) as count from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.'';
}
elseif (isset($criterias['products']) && $criterias['products'] ==''){
//Request for all products in equipment view
$sql = 'SELECT distinct(p.productcode), p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY p.productcode';
}
elseif (isset($criterias['totals']) && $criterias['totals'] =='' && isset($criterias['type'])){
//Request for total rows for history reports
$sql ='SELECT count(*) as count from history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.'';
}
elseif (isset($criterias['history']) && $criterias['history'] != ''){
//History INDICATOR
/*
0 Show All
1 Created DESC, LIMIT 5
*/
switch ($criterias['history']) {
case 1:
$sort = ' ORDER BY h.created DESC LIMIT 0,'.$page_rows_equipment_servicereporst;
break;
default:
$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
$start_page = ($current_page - 1) * $page_rows_history;
$sort = ' ORDER BY h.created DESC LIMIT '.$start_page.','.$page_rows_history;
break;
}
//request history
$sql ='SELECT h.rowID as historyID, e.rowID as equipmentID, h.equipmentid as h_equipmentid, e.serialnumber, h.type, h.description, h.created, h.createdby from history h LEFT JOIN equipment e ON h.equipmentid = e.rowID '.$whereclause.$sort;
}
else {
// GET SORT INDICATOR
$sort_indicator = $criterias['sort'] ?? '';
/*
1 Serialnumber ASC
2 Serialnumber DESC
3 Status ASC
4 Status DESC
5 Warranty ASC
6 Warranty DESC
7 Service ASC
8 Service DESC
9 Latest ASC
10 Latest DESC
*/
switch ($sort_indicator){
case 1:
$sort = ' e.serialnumber ASC ';
break;
case 2:
$sort = ' e.serialnumber DESC ';
break;
case 3:
$sort = ' e.status ASC ';
break;
case 4:
$sort = ' e.status DESC ';
break;
case 5:
$sort = ' e.warranty_date ASC ';
break;
case 6:
$sort = ' e.warranty_date DESC ';
break;
case 7:
$sort = ' e.service_date ASC ';
break;
case 8:
$sort = ' e.service_date DESC ';
break;
case 9:
$sort = ' e.created DESC ';
break;
case 10:
$sort = ' e.created ASC ';
break;
default:
$sort = ' equipmentID ';
break;
}
//SQL for Paging
$sql = 'SELECT e.rowID as equipmentID, e.*, p.productcode, p.productname from equipment e LEFT JOIN products p ON e.productrowid = p.rowID '.$whereclause.' ORDER BY '.$sort.' LIMIT :page,:num_products';
}
$stmt = $pdo->prepare($sql);
//------------------------------------------
//Bind to query
//------------------------------------------
if (str_contains($whereclause, ':status')){
$stmt->bindValue('status', $status, PDO::PARAM_INT);
}
if (str_contains($whereclause, ':condition')){
$stmt->bindValue('condition', $condition, PDO::PARAM_STR);
}
if (!empty($criterias)){
foreach ($criterias as $key => $value){
$key_condition = ':'.$key;
if (str_contains($whereclause, $key_condition)){
if ($key == 'search'){
$search_value = '%'.$value.'%';
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
}
elseif ($key == 'partnerid'){
$search_value = '%"_"'.$value.'-%';
$stmt->bindValue($key, $search_value, PDO::PARAM_STR);
}
elseif ($key == 'p'){
//Do nothing (bug)
}
else {
$stmt->bindValue($key, $value, PDO::PARAM_STR);
}
}
}
}
//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
$message = $date.';'.$sql.';'.$username;
debuglog($message);
}
//------------------------------------------
//Add paging details
//------------------------------------------
if(isset($criterias['totals']) && $criterias['totals']==''){
$stmt->execute();
$messages = $stmt->fetch();
$messages = $messages[0];
}
elseif ((isset($criterias['history']) && $criterias['history'] !='') || (isset($criterias['products']) && $criterias['products'] =='') || (isset($criterias['download']) && $criterias['download'] =='')){
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
$current_page = isset($criterias['p']) && is_numeric($criterias['p']) ? (int)$criterias['p'] : 1;
$stmt->bindValue('page', ($current_page - 1) * $page_rows_equipment, PDO::PARAM_INT);
$stmt->bindValue('num_products', $page_rows_equipment, PDO::PARAM_INT);
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
//------------------------------------------
//JSON_DECODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//------------------------------------------
//Send results
//------------------------------------------
echo $messages;
?>

40
api/v2/get/user_credentials.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Get user_details based on securitykey
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//Define Query
$stmt = $pdo->prepare('SELECT * FROM users WHERE service = ? OR userkey = ?');
//Translate userkey to cliensecret
$clientsecret = $userkey;
//Excute Query
$stmt->execute([$clientsecret, $clientsecret]);
// Check if username exists.
if ($stmt->rowCount() == 1) {
//Get results
$user_data = $stmt->fetch();
//Define User data
$partnerhierarchy = $user_data['partnerhierarchy'];
$permission = userRights($user_data['view']);
$profile= getProfile($user_data['settings'],$permission);
$username = $user_data['username'];
$useremail = $user_data['email'];
$servicekey = $user_data['service'];
$language = $user_data['language'];
$partner = json_decode($partnerhierarchy);
$clientsecret = $user_data['userkey'];
//Update Lastlogin
$logindate = date('Y-m-d H:i:s');
$stmt = $pdo->prepare('UPDATE users SET lastlogin = ? WHERE id = ?');
//Excute Query
$stmt->execute([$logindate, $user_data['id']]);
} else
{
http_response_code(403);//Not authorized
}
?>

19
api/v2/post/debug.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// DEBUG
//------------------------------------------
//CONTENT FROM API (POST)
$post_content = json_decode($input,true);
//ADD POST CONTENT TO DEBUG LOG
//------------------------------------------
// Debuglog
//------------------------------------------
if (debug){
$message = $date.';'.$post_content.';'.$username;
debuglog($message);
}

79
assets/functions.php
View File

@@ -235,7 +235,7 @@ echo <<<EOT
<link rel="icon" type="image/png" href="$icon_image">
<link href="./style/admin.css" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="./style/leaflet.css" />
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v6.0.0/css/all.css">
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v6.6.0/css/all.css">
<script src="./assets/leaflet.js"></script>
<script src="./assets/charts.js"></script>
</head>
@@ -323,6 +323,26 @@ function generate_payload($payload) {
return $payload_input;
}
//------------------------------------------
//ENCRYPT PAYLOAD
//------------------------------------------
function encrypt($input, $password) {
//CHECK IF INPUT IS ARRAY => THEN SERIALIZE INPUT
if (is_array($input)){
$input = serialize($input);
}
$method = "AES-256-CBC";
$key = hash('sha256', $password, true);
$iv = openssl_random_pseudo_bytes(16);
$ciphertext = openssl_encrypt($input, $method, $key, OPENSSL_RAW_DATA, $iv);
$hash = hash_hmac('sha256', $ciphertext . $iv, $key, true);
return $iv . $hash . $ciphertext;
}
//------------------------------------------
// Decode Payload
@@ -355,6 +375,29 @@ function decode_payload($payload_input) {
return $payload_decoded = json_decode($payload)->payload;
}
}
//------------------------------------------
// Decrypt payload
//------------------------------------------
function decrypt($ivHashCiphertext, $password) {
$method = "AES-256-CBC";
$iv = substr($ivHashCiphertext, 0, 16);
$hash = substr($ivHashCiphertext, 16, 32);
$ciphertext = substr($ivHashCiphertext, 48);
$key = hash('sha256', $password, true);
if (!hash_equals(hash_hmac('sha256', $ciphertext . $iv, $key, true), $hash)) return null;
$decrypted = openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
//UNSERIALE AND CHECK IF
$data = @unserialize($decrypted);
if ($data !== false) {
$decrypted = unserialize($decrypted);
}
//RETURN DECRYPTED DATA
return $decrypted;
}
function base64url_encode($data) {
return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
@@ -1823,7 +1866,6 @@ function downloadFile($file) {
function serviceforecast($messages,$type){
if ($messages){
$number = (($type == 'warranty')? 1 : 1);
//GET TOTAL SERVICE COUNT
$totalcount = 0;
@@ -1915,6 +1957,39 @@ function showlog($object,$objectID){
return $view;
}
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++
// visual changelog +++++++++++++++
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++
function changeLogVisual($totals,$details){
if ($totals){
//GET TOTAL COUNT
$totalcount = 0;
foreach ($totals as $total){
$totalcount += $total['total'];
}
//GET SERIALNUMBERS
$url_input = ''; //used to collect serialnumber for onclick event
foreach ($details as $detail){
$url_input .= $detail['serialnumber'].',';
}
$view = '<div style="margin-bottom: 30px;" onclick="location.href=\'index.php?page=equipments&serialnumber='.substr($url_input,0,-1).'\'">
<ul style="width: 100%;max-width:100%" class="chart">
';
foreach ($totals as $total){
$height = ($total['total'] / $totalcount) * 100;
$title = $total['DoW'].'/'.$total['WoW'];
$view .='<li style="text-align:center;">' . $total['total'] . '<span style="height:' . $height . '%" title="' . $title . '"></span></li>';
}
$view .='</ul></div>';
return $view;
}
}
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++
// download to excell function
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++

153
report_build.php Normal file
View File

@@ -0,0 +1,153 @@
<?php
defined(page_security_key) or exit;
if (debug && debug_id == $_SESSION['id']){
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
}
include_once './assets/functions.php';
include_once './settings/settings.php';
//For navigation
$_SESSION['prev_origin'] = $_SERVER['REQUEST_URI'];
$page = 'report_build';
//Check if allowed
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
header('location: index.php');
exit;
}
//Return RAW from API
$api_url = '/v1/equipments/productrowid=0&status=0&totals=';
$query_total_raw = ioServer($api_url,'');
//Decode Payload
if (!empty($query_total_raw)){$query_total_raw = decode_payload($query_total_raw);}else{$query_total_raw = null;}
//Return SEMI FINISHED GOODS from API
$api_url = '/v1/equipments/productrowid=0&status=1&totals=';
$query_total_sfg = ioServer($api_url,'');
//Decode Payload
if (!empty($query_total_sfg)){$query_total_sfg = decode_payload($query_total_sfg);}else{$query_total_sfg = null;}
//Return FINISH GOODS from API
$api_url = '/v1/equipments/productrowid=0&status=2&totals=';
$query_total_sfg = ioServer($api_url,'');
//Decode Payload
if (!empty($query_total_sfg)){$query_total_sfg = decode_payload($query_total_sfg);}else{$query_total_sfg = null;}
//Return warranty from API
$api_url = '/v1/equipments/status=2&totals=';
$query_total_onstock = ioServer($api_url,'');
//Decode Payload
if (!empty($query_total_onstock)){$query_total_onstock = decode_payload($query_total_onstock);}else{$query_total_onstock = null;}
$startdate = date("Y-m-d", strtotime("-900 days"));
$enddate = date("Y-m-d");
//Return SFG from API - total
$api_url = '/v1/changelog/object_field=status&object_value=1&reporttype=1&between='.$startdate.'||'.$enddate;
$query_SFG_total = ioServer($api_url,'');
//Decode Payload
if (!empty($query_SFG_total)){$query_SFG_total = decode_payload($query_SFG_total);}else{$query_SFG_total = null;}
//Return SFG from API - details
$api_url = '/v1/changelog/object_field=status&object_value=2&reporttype=2&between='.$startdate.'||'.$enddate;
$query_SFG_details = ioServer($api_url,'');
//Decode Payload
if (!empty($query_SFG_details)){$query_SFG_details = decode_payload($query_SFG_details);}else{$query_SFG_details = null;}
//Return FG from API - totals
$api_url = '/v1/changelog/object_field=status&object_value=1&reporttype=1&between='.$startdate.'||'.$enddate;
$query_FG_total = ioServer($api_url,'');
//Decode Payload
if (!empty($query_FG_total)){$query_FG_total = decode_payload($query_FG_total);}else{$query_FG_total = null;}
//Return FG from API - details
$api_url = '/v1/changelog/object_field=status&object_value=2&reporttype=2&between='.$startdate.'||'.$enddate;
$query_FG_details = ioServer($api_url,'');
//Decode Payload
if (!empty($query_FG_details)){$query_FG_details = decode_payload($query_FG_details);}else{$query_FG_details = null;}
template_header('Build', 'report_build','view');
$view = '
<div class="content-title">
<div class="title">
<i class="fa-solid fa-house"></i>
<div class="txt">
<h2>'.$buildreport_h2.'</h2>
<p>'.$buildreport_p.'</p>
</div>
</div>
</div>';
$view .= '
<div class="dashboard">
<div class="content-block stat">
<div class="data" onclick="location.href=\'index.php?page=equipments&productrowid=0&status=0\'">
<h3>'.$product_location_raw.'</h3>
<p>'.$query_total_raw.'</p>
</div>
<i class="fas fa-box-open"></i>
<div class="footer">
<i class="fa-solid fa-rotate fa-xs"></i>'.$buildreport_raw_text.'</div>
</div>
<div class="content-block stat">
<div class="data" onclick="location.href=\'index.php?page=equipments&productrowid=0&status=1\'">
<h3>'.$product_location_SFG.'</h3>
<p>'.$query_total_sfg.'</p>
</div>
<i class="fa-solid fa-calendar-check"></i>
<div class="footer">
<i class="fa-solid fa-rotate fa-xs"></i>'.$buildreport_SFG_text.'
</div>
</div>
<div class="content-block stat">
<div class="data" onclick="location.href=\'index.php?page=equipments&productrowid=0&status=2\'">
<h3>'.$product_location_FG.'</h3>
<p>'.$query_total_sfg.'</p>
</div>
<i class="fas fa-clipboard-check"></i>
<div class="footer">
<i class="fa-solid fa-rotate fa-xs"></i>'.$buildreport_FG_text.'
</div>
</div>
<div class="content-block stat">
<div class="data" onclick="location.href=\'index.php?page=equipments&status=2\'">
<h3>'.$status2_text.'</h3>
<p>'.$query_total_onstock.'</p>
</div>
<i class="fa-solid fa-calendar-check"></i>
<div class="footer">
<i class="fa-solid fa-rotate fa-xs"></i>'.$buildreport_onstock_text.'
</div>
</div>
</div>';
$details_SFG = changeLogVisual(json_decode(json_encode($query_SFG_total), true), json_decode(json_encode($query_SFG_details), true));
$details_FG = changeLogVisual(json_decode(json_encode($query_FG_total), true),json_decode(json_encode($query_FG_details), true));
$view .= '
<div class="content-block-wrapper">
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>'.$data_build_sfg_view.'
</div>'.$details_SFG.'</div>
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>'.$data_build_fg_view.'
</div>'.$details_FG.'</div>
</div>
';
//OUTPUT
echo $view;
template_footer();

5
usage_reporting.php → report_usage.php
View File

@@ -10,8 +10,9 @@ if (debug && debug_id == $_SESSION['id']){
include_once './assets/functions.php';
include_once './settings/settings.php';
$page = 'report_usage';
//Check if allowed
if (debug_id != $_SESSION['id']){
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
header('location: index.php');
exit;
}
@@ -88,7 +89,7 @@ function usageReportingView($messages){
return $view;
}
template_header('Usage', 'usage');
template_header('Usage', 'report_usage','view');
$view = '
<div class="content-title">
<div class="title">

203
settings/settingsmenu.php Normal file
View File

@@ -0,0 +1,203 @@
<?php
//------------------------------------------
// Menusetup and settings
//
//
// Each Menu name in urls array requires reference
// into translation files and corresponding profile
//------------------------------------------
//Menu Setup
$main_menu = array ('dashboard','sales','build','cartests','marketing','equipments','products','reporting','admin','settings');
//Sub menus
$equipments_sub = array('equipments','servicereports','histories','firmwaretool','equipments_mass_update');
$sales_sub = array('accounts','contracts');
$admin_sub = array('users','communications','partners');
$reporting_sub = array('report_build','report_usage');
$settings_sub = array('config','language','log');
//URLS
$urls = array(
"dashboard" => array(
"url" => "dashboard",
"selected" => "dashboard",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_dashboard"
),
"equipments" => array(
"url" => "equipments",
"selected" => "assets",
"icon" => "fa-solid fa-database",
"name" => "menu_assets"
),
"servicereports" => array(
"url" => "servicereports",
"selected" => "servicereports",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_service_reports"
),
"histories" => array(
"url" => "histories",
"selected" => "histories",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_history"
),
"firmwaretool" => array(
"url" => "firmwaretool",
"selected" => "firmwaretool",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_firmwaretool"
),
"equipments_mass_update" => array(
"url" => "equipments_mass_update",
"selected" => "equipments_mass_update",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_equipments_mass_update"
),
"products" => array(
"url" => "products&status=1",
"selected" => "products",
"icon" => "fas fa-box-open",
"name" => "menu_products"
),
"sales" => array(
"url" => "accounts",
"selected" => "accounts",
"icon" => "fa-solid fa-bars",
"name" => "menu_sales"
),
"accounts" => array(
"url" => "accounts",
"selected" => "accounts",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_sales_accounts"
),
"contracts" => array(
"url" => "contracts",
"selected" => "contracts",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_sales_contracts"
),
"admin" => array(
"url" => "partners",
"selected" => "partners",
"icon" => "fa-solid fa-bars",
"name" => "menu_admin"
),
"users" => array(
"url" => "users",
"selected" => "users",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_admin_users"
),
"communications" => array(
"url" => "communications",
"selected" => "communications",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_admin_communications"
),
"partners" => array(
"url" => "partners",
"selected" => "partners",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_admin_partners"
),
"settings" => array(
"url" => "settings",
"selected" => "settings",
"icon" => "fas fa-tools",
"name" => "menu_settings"
),
"config" => array(
"url" => "settings",
"selected" => "settings",
"icon" => "fas fa-tools",
"name" => "menu_config"
),
"language" => array(
"url" => "language",
"selected" => "language",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_language"
),
"log" => array(
"url" => "logfile",
"selected" => "logfile",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_log"
),
"marketing" => array(
"url" => "marketing&product_group=Emergency_Plug&product_content=Images",
"selected" => "marketing",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_marketing"
),
"build" => array(
"url" => "buildtool",
"selected" => "buildtool",
"icon" => "fas fa-tachometer-alt",
"name" => "menu_build"
),
"cartests" => array(
"url" => "cartests",
"selected" => "cartests",
"icon" => "fa-solid fa-car",
"name" => "menu_cartest"
),
"reporting" => array(
"url" => "report_build",
"selected" => "report_build",
"icon" => "fa-solid fa-magnifying-glass-chart",
"name" => "menu_report_main"
),
"report_build" => array(
"url" => "report_build",
"selected" => "report_build",
"icon" => "fa-solid fa-magnifying-glass-chart",
"name" => "menu_report_build"
),
"report_usage" => array(
"url" => "report_usage",
"selected" => "report_usage",
"icon" => "fa-solid fa-magnifying-glass-chart",
"name" => "menu_report_usage"
)
);
$routes = array(
'/' => 'equipments.php',
'equipments' => 'equipments.php',
'products' => 'products.php',
'logout' => 'logout.php'
);
//------------------------------------------
// Paging
//------------------------------------------
$page_rows_equipment = 25; //list Equipment
$page_rows_history = 15; //list History
$page_rows_products = 10;//list producst
$page_rows_users = 15;//list users
$page_rows_partners = 15;//list partners
$page_rows_communication = 25; //list communications
$page_rows_accounts = 25 ;// list accounts
$page_rows_contracts = 25 ;// list contracts
$page_rows_cartest = 25 ;// list contracts
$page_rows_equipment_servicereporst = 5 ;// Number of service reports on equipment
$page_rows_changelog = 50 ;// Number of changelogs returned
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++
// Marketing +++++++++++++++++++++++++++++++++++++
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++
$main_marketing_dir = './marketing/';
$marketing_structure = array(
"Emergency_Plug" => array(
"Documents",
"Images",
"Video"
)
);

18
settings/translations/translations_DE.php
View File

@@ -21,6 +21,9 @@ $menu_log = 'Protokoll';
$menu_marketing = 'Marketing';
$menu_build = 'Erstellen';
$menu_cartest = 'Fahrzeugdatenbank';
$menu_report_main = 'Reports';
$menu_report_build = 'Stock and Production';
$menu_report_usage = 'System usage';
//TABS
$tab1 = 'Allgemein';
@@ -762,4 +765,17 @@ $cartest_allowed_label6 = 'Gelb';
$cartest_allowed_label7 = 'Blau';
$cartest_allowed_label8 = 'Rot';
$cartest_allowed_label9 = 'Bestanden';
$cartest_allowed_label10 = 'Nicht bestanden';
$cartest_allowed_label10 = 'Nicht bestanden';
//---------------------------------
//BUILD REPORT
//---------------------------------
$buildreport_h2 = 'Stock and Production';
$buildreport_p = 'Reporting';
$buildreport_raw_text = 'Total number '.$product_location_raw;
$buildreport_SFG_text = 'Total number '.$product_location_SFG;
$buildreport_FG_text = 'Total number '.$product_location_FG;
$buildreport_onstock_text = 'Total number '.$status2_text;
$data_build_sfg_view = $product_location_SFG.' produced in the last 7 days';
$data_build_fg_view = $product_location_FG.' produced in the last 7 days';

18
settings/translations/translations_NL.php
View File

@@ -21,6 +21,9 @@ $menu_log = 'Log';
$menu_marketing = 'Marketing';
$menu_build = 'Build';
$menu_cartest = 'Auto database';
$menu_report_main = 'Rapporten';
$menu_report_build = 'Voorraad en Productie';
$menu_report_usage = 'Systeemgebruik';
//TABS
$tab1 = 'Algemeen';
@@ -734,4 +737,17 @@ $cartest_allowed_label6 = 'Geel';
$cartest_allowed_label7 = 'Blauw';
$cartest_allowed_label8 = 'Rood';
$cartest_allowed_label9 = 'Goed';
$cartest_allowed_label10 = 'Fout';
$cartest_allowed_label10 = 'Fout';
//---------------------------------
//BUILD REPORT
//---------------------------------
$buildreport_h2 = 'Voorraad en Productie';
$buildreport_p = 'Rapporten';
$buildreport_raw_text = 'Totaal aantal '.$product_location_raw;
$buildreport_SFG_text = 'Totaal aantal '.$product_location_SFG;
$buildreport_FG_text = 'Totaal aantal '.$product_location_FG;
$buildreport_onstock_text = 'Totaal aantal '.$status2_text;
$data_build_sfg_view = $product_location_SFG.' geproduceerd in de laatste 7 dagen';
$data_build_fg_view = $product_location_FG.' geproduceerd in de laatste 7 dagen';

18
settings/translations/translations_US.php
View File

@@ -21,6 +21,9 @@ $menu_log = 'Log';
$menu_marketing = 'Marketing';
$menu_build = 'Build';
$menu_cartest = 'Car database';
$menu_report_main = 'Reports';
$menu_report_build = 'Stock and Production';
$menu_report_usage = 'System usage';
//TABS
$tab1 = 'General';
@@ -731,4 +734,17 @@ $cartest_allowed_label6 = 'Yellow';
$cartest_allowed_label7 = 'Blue';
$cartest_allowed_label8 = 'Red';
$cartest_allowed_label9 = 'Pass';
$cartest_allowed_label10 = 'Fail';
$cartest_allowed_label10 = 'Fail';
//---------------------------------
//BUILD REPORT
//---------------------------------
$buildreport_h2 = 'Stock and Production';
$buildreport_p = 'Reporting';
$buildreport_raw_text = 'Total number '.$product_location_raw;
$buildreport_SFG_text = 'Total number '.$product_location_SFG;
$buildreport_FG_text = 'Total number '.$product_location_FG;
$buildreport_onstock_text = 'Total number '.$status2_text;
$data_build_sfg_view = $product_location_SFG.' produced in the last 7 days';
$data_build_fg_view = $product_location_FG.' produced in the last 7 days';