Update for BeWellWell my account en media_upload

This commit is contained in:
“VeLiTi”
2025-08-29 15:01:30 +02:00
parent 010b23b0e5
commit f8e089ffcd
20 changed files with 603 additions and 22 deletions

.DS_Store vendored


api.php

@@ -149,6 +149,25 @@ if($is_jwt_valid && str_contains($version, 'v')) {
//------------------------------------------ //------------------------------------------
//CHECK IF USER IS ALLOWED TO CALL SPECIFIC API //CHECK IF USER IS ALLOWED TO CALL SPECIFIC API
//------------------------------------------ //------------------------------------------
//------------------------------------------
// First check if endPoint is fileUpload
//------------------------------------------
$fileUploadEndpoints = [
'media_upload'
];
$isFileUploadEndpoint = in_array($collection, $fileUploadEndpoints);
$hasValidFileData = !empty($_FILES) && $_SERVER['REQUEST_METHOD'] ==='POST';
if ($isFileUploadEndpoint && $hasValidFileData) {
$input = $_POST;
}
//------------------------------------------
// END check if endPoint is fileUpload
//------------------------------------------
if (isAllowed($collection,$profile,$permission,'R') === 1 && empty($input) && file_exists($api_file)){ if (isAllowed($collection,$profile,$permission,'R') === 1 && empty($input) && file_exists($api_file)){
include_once $api_file; include_once $api_file;
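Review bot: `$hasValidFileData = !empty($_FILES) && $_SERVER['REQUEST_METHOD'] ==='POST';` only checks that some file and the POST method are present, yet `$input = $_POST;` then hands the raw form fields to the endpoint, so the name overstates what is validated and the upload handler has to do all checking itself. `in_array($collection, $fileUploadEndpoints)` should be `in_array($collection, $fileUploadEndpoints, true)` to match the strict `===` used for the method. When a `media_upload` request arrives without files or not via POST, `$input` keeps whatever the earlier code assigned (outside the hunk) and the request is not rejected here; an explicit 400 for that case would be clearer. The enclosing `if($is_jwt_valid ...)` block starts and ends outside the hunk.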

api/.DS_Store vendored


api/v1/.DS_Store vendored


api/v2/.DS_Store vendored


api/v2/get/appointment.php Normal file

@@ -0,0 +1,150 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Appointments
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//NEW ARRAY
$criterias = [];
//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
$requests = explode("&", $get_content);
//Check for keys and values
foreach ($requests as $y){
$v = explode("=", $y);
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
}
}
//GET SLOTS PER DEALER
if(isset($criterias['action']) && $criterias['action'] == 'get_slots' && isset($criterias['dealer_id']) && isset($criterias['year']) && isset($criterias['month'])){
//DECODE DEALER_ID
$dealer_id = decodeUuid($criterias['dealer_id']);
$year = (int)$criterias['year'];
$month = (int)$criterias['month'];
// Get the number of days in the month
$num_days = cal_days_in_month(CAL_GREGORIAN, $month, $year);
//GET OPENING_HOURS
$sql_opening_hours = 'SELECT opening_hours FROM dealers WHERE rowID = ?';
$stmt = $pdo->prepare($sql_opening_hours);
$stmt->execute([$dealer_id]);
$opening_hours = $stmt->fetch(PDO::FETCH_ASSOC);
$opening_hours = json_decode($opening_hours['opening_hours'],true);
if (empty($opening_hours)){
// Define opening hours
$opening_hours = [
1 => ['start' => '09:00', 'end' => '17:00'], // Monday
2 => ['start' => '09:00', 'end' => '17:00'], // Tuesday
3 => ['start' => '09:00', 'end' => '17:00'], // Wednesday
4 => ['start' => '09:00', 'end' => '17:00'], // Thursday
5 => ['start' => '09:00', 'end' => '17:00'], // Friday
6 => ['start' => '09:00', 'end' => '17:00'], // Saturday
7 => null // Sunday - Closed
];
} else {
// Convert all string "null" values to actual null
foreach ($opening_hours as $day => $hours) {
if ($hours === "null") {
$opening_hours[$day] = null;
}
}
}
// Initialize an array to store the available slots for the entire month
$all_available_slots = [];
// Initialize a counter for the slot IDs
$id_counter = 1;
// Iterate over each day in the month
for ($day = 1; $day <= $num_days; $day++) {
// Create a full date string
$full_date = sprintf("%04d-%02d-%02d", $year, $month, $day);
// Determine the day of the week (1 = Monday, 7 = Sunday)
$day_of_week = date('N', strtotime($full_date));
// Check if the day is open
if ($opening_hours[$day_of_week] === null) {
continue; // Skip closed days (Sunday)
}
// Get existing booked/unavailable slots for the day
$booked_slots_sql = "SELECT start_time, end_time FROM appointment_slots
WHERE DATE(start_time) = ? AND dealer_id = ? AND is_available = false";
$stmt = $pdo->prepare($booked_slots_sql);
$stmt->execute([$full_date, $dealer_id]);
$booked_result = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Store booked slots for the day
$booked_slots = [];
foreach ($booked_result as $row){
$booked_slots[] = [
'start' => substr($row['start_time'], 11, 5),
'end' => substr($row['end_time'], 11, 5)
];
}
// Generate all possible slots for the day
$start_time = new DateTime($full_date . ' ' . $opening_hours[$day_of_week]['start']);
$end_time = new DateTime($full_date . ' ' . $opening_hours[$day_of_week]['end']);
$interval = new DateInterval('PT1H');
// Iterate through each hour and check availability
while ($start_time < $end_time) {
$slot_end = clone $start_time;
$slot_end->add($interval);
// Check if this slot is booked
$is_available = true;
foreach ($booked_slots as $booked) {
$booked_start = new DateTime($full_date . ' ' . $booked['start']);
$booked_end = new DateTime($full_date . ' ' . $booked['end']);
if (($start_time >= $booked_start && $start_time < $booked_end) ||
($slot_end > $booked_start && $slot_end <= $booked_end)) {
$is_available = false;
break;
}
}
// If the slot is available, add it to the list
if ($is_available) {
$all_available_slots[] = [
'id' => $id_counter++,
'start_time' => $start_time->format('Y-m-d H:i:s'),
'end_time' => $slot_end->format('Y-m-d H:i:s')
];
}
$start_time->add($interval);
}
}
$messages = $all_available_slots;
} else {
$messages =['success' => false, 'slots' => ''];
}
//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//Send results
echo $messages;
?>
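Review bot: The overlap test `if (($start_time >= $booked_start && $start_time < $booked_end) || ($slot_end > $booked_start && $slot_end <= $booked_end))` misses a booking that lies entirely inside the generated slot (slot starts before it and ends after it), so that slot is still reported as available; the standard interval check is `if ($start_time < $booked_end && $slot_end > $booked_start)`. When the dealer lookup returns no row, `$opening_hours['opening_hours']` reads an offset on `false` and the code falls back to the default hours, so an unknown `dealer_id` still yields a full month of slots instead of an error; test `$stmt->fetch()` for `false` before `json_decode`. `$month` is cast but not range-checked, and `cal_days_in_month` raises a `ValueError` on PHP 8 for a month outside 1–12, so validate `$year`/`$month` before use. The per-day `appointment_slots` query inside the loop is an N+1 (up to 31 queries per request); one query over the month's date range grouped in memory would serve the same loop.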


@@ -55,7 +55,8 @@ if(isset($get_content) && $get_content!=''){
//Define Query //Define Query
if(isset($criterias['totals']) && $criterias['totals'] ==''){ if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows //Request for total rows
$sql = 'SELECT count(*) as count FROM dealers d '.$whereclause.''; $sql = 'SELECT count(*) as count FROM dealers d '.$whereclause;
} }
elseif (isset($criterias['list']) && $criterias['list'] ==''){ elseif (isset($criterias['list']) && $criterias['list'] ==''){
$sql = 'SELECT d.* FROM dealers d '.$whereclause; $sql = 'SELECT d.* FROM dealers d '.$whereclause;
@@ -64,6 +65,7 @@ else {
//SQL for Paging //SQL for Paging
$sql = 'SELECT d.*, m.full_path FROM dealers d LEFT JOIN media m ON d.dealer_media = m.rowID '.$whereclause.' LIMIT :page,:num_products'; $sql = 'SELECT d.*, m.full_path FROM dealers d LEFT JOIN media m ON d.dealer_media = m.rowID '.$whereclause.' LIMIT :page,:num_products';
} }
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
//Bind to query //Bind to query
@@ -95,8 +97,18 @@ if (!empty($criterias)){
//Add paging details //Add paging details
if(isset($criterias['totals']) && $criterias['totals']==''){ if(isset($criterias['totals']) && $criterias['totals']==''){
$stmt->execute(); $stmt->execute();
$messages = $stmt->fetch(); $messages = $stmt->fetch();
$messages = $messages[0]; $messages = $messages[0];
//No further data transformation need
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//Send results
echo $messages;
//exit
exit();
} }
elseif (isset($criterias['list']) && $criterias['list']==''){ elseif (isset($criterias['list']) && $criterias['list']==''){
//Excute Query //Excute Query
@@ -116,10 +128,20 @@ else {
} }
//------------------------------------------
//CHANGE ROWID INTO UUID
//------------------------------------------
function updateRowID($row) {
$row['rowID'] = encodeUuid($row['rowID']);
return $row;
}
$updatedData = array_map('updateRowID', $messages);
//------------------------------------------ //------------------------------------------
//JSON_ENCODE //JSON_ENCODE
//------------------------------------------ //------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE); $messages = json_encode($updatedData, JSON_UNESCAPED_UNICODE);
//Send results //Send results
echo $messages; echo $messages;
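Review bot: `function updateRowID($row)` is declared at file scope in an endpoint that is loaded with `include_once`, and the same name is declared again in the identity_dealers endpoint added by this commit; if both files are ever included in one request PHP aborts with a redeclaration fatal. A closure keeps the logic local: `$updatedData = array_map(static function (array $row): array { $row['rowID'] = encodeUuid($row['rowID']); return $row; }, $messages);`. The totals branch now echoes and exits before this line, so `$messages` is presumably an array here, but `array_map` throws a `TypeError` if any remaining branch leaves it as `false` from a failed fetch — worth confirming for the list and paging branches, which are partly outside the hunk.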


@@ -50,6 +50,11 @@ if(isset($get_content) && $get_content!=''){
} }
} }
//ASSIGN DEALER ID TO IDENTITY
if(isset($criterias['userkey'])){
checkAndInsertIdentityDealer($pdo, $criterias['userkey']);
}
if(isset($criterias['totals']) && $criterias['totals'] ==''){ if(isset($criterias['totals']) && $criterias['totals'] ==''){
//Request for total rows //Request for total rows
$sql = 'SELECT count(*) as count from identity '.$whereclause.''; $sql = 'SELECT count(*) as count from identity '.$whereclause.'';
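Review bot: `checkAndInsertIdentityDealer($pdo, $criterias['userkey']);` performs an INSERT from a GET handler that is otherwise read-only and is reachable by any caller holding read permission on `identity`, so a listing request now has the side effect of linking an identity to a dealer. The helper (added in this commit) creates the link purely on an email match between `identity` and `dealers`, so if an identity's email can be stored before it is verified, the dealer association would be granted to an unverified address; restrict the lookup to verified identities (if the table carries a flag like the `isverified` checked in the login change) and move the call to a POST action. `$criterias['userkey']` is taken straight from the query string without a format check before it reaches the query.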


@@ -0,0 +1,59 @@
<?php
defined($security_key) or exit;
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
//------------------------------------------
// dealers
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//NEW ARRAY
$criterias = [];
$messages = '';
//Check for $_GET variables and build up clause
if(isset($get_content) && $get_content!=''){
//GET VARIABLES FROM URL
$requests = explode("&", $get_content);
//Check for keys and values
foreach ($requests as $y){
$v = explode("=", $y);
//INCLUDE VARIABLES IN ARRAY
$criterias[$v[0]] = $v[1];
}
}
//IDENTITY REQUEST - override SQL
if(isset($criterias['identity_id'])){
$sql = 'SELECT d.*, m.full_path FROM identity_dealers id JOIN dealers d ON id.dealer_ID = d.rowID LEFT JOIN media m ON d.dealer_media = m.rowID WHERE identity_id='.$criterias['identity_id'].'';
$stmt = $pdo->prepare($sql);
//Excute Query
$stmt->execute();
//Get results
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
//------------------------------------------
//CHANGE ROWID INTO UUID
//------------------------------------------
function updateRowID($row) {
$row['rowID'] = encodeUuid($row['rowID']);
return $row;
}
$updatedData = array_map('updateRowID', $messages);
//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($updatedData, JSON_UNESCAPED_UNICODE);
}
//Send results
echo $messages;
?>
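Review bot: `$sql = 'SELECT ... WHERE identity_id='.$criterias['identity_id'].'';` concatenates a query-string value into the statement, so the `prepare()` that follows gives no protection and the query is injectable by any caller allowed to read this endpoint; bind it instead: `... WHERE identity_id = ?'` with `$stmt->execute([$criterias['identity_id']]);`. The `ini_set('display_errors', '1')` / `error_reporting(E_ALL)` lines enable error output in a production API file (this commit removes the same lines from another endpoint and adds them in the mailer), which exposes paths and query text on failure; drop them here. When `identity_id` is absent the script echoes the empty string from `$messages = '';` rather than a JSON body. `function updateRowID` duplicates the declaration in the dealers endpoint of this commit; a closure would avoid sharing the global name.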

api/v2/post/appointment.php Normal file

@@ -0,0 +1,137 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Appointment
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
//CONTENT FROM API (POST)
$post_content = json_decode($input,true);
//SET PARAMETERS FOR QUERY
$id = $post_content['id'] ?? ''; //check for rowID
$command = ($id == '')? 'insert' : 'update'; //IF rowID = empty then INSERT
if (isset($post_content['delete'])){$command = 'delete';} //change command to delete
$date = date('Y-m-d H:i:s');
//CREATE EMPTY STRINGS
$clause = '';
$clause_insert ='';
$input_insert = '';
if(isset($post_content['action']) && $post_content['action'] == 'book_appointment'){
//APPOINTMENT BOOKING
$dealer_id = $post_content['dealer_id'];
$name = $post_content['name'] ?? '';
$email = $post_content['email'] ?? '';
$phone = $post_content['phone'] ?? '';
$starttime = $post_content['starttime'] ?? '';
$endtime = $post_content['endtime'] ?? '';
// First check if the slot is still available
$sql = "SELECT start_time, end_time, is_available FROM appointment_slots WHERE start_time = ? AND end_time = ? AND is_available = ? AND dealer_id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$starttime,$endtime,1,$dealer_id]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (isset($result['id'])){
$messages = ['success' => false, 'message' => 'This slot is no longer available'];
}
else {
try {
//INSERT TIMESLOT
$sql = "INSERT INTO appointment_slots (dealer_id, start_time, end_time, is_available,createdby) VALUES (?,?, ?, ?, ?)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$dealer_id,$starttime,$endtime,0,'system']);
$appointment_id = $pdo->lastInsertId();
//INSERT APPOINTMENT
$sql = "INSERT INTO appointments (appointment_slot_id, client_name, client_email, client_phone, appointment_status,createdby, dealer_id) VALUES (?,?,?,?,?,?,?)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$appointment_id,$name, $email, $phone,0,'system', $dealer_id]);
$messages = [
'success' => true,
'message' => 'Appointment requested successfully',
'appointment_id' => $appointment_id
];
} catch (Exception $e) {
// Roll back transaction on error
$pdo->rollback();
$messages = ['success' => false, 'message' => 'Error: ' . $e->getMessage()];
}
}
//------------------------------------------
//JSON_ENCODE
//------------------------------------------
$messages = json_encode($messages, JSON_UNESCAPED_UNICODE);
//Send results
echo $messages;
}
else {
//ADD STANDARD PARAMETERS TO ARRAY BASED ON INSERT OR UPDATE
if ($command == 'update'){
$post_content['updatedby'] = $username ;
}
elseif ($command == 'insert'){
$post_content['createdby'] = $username;
}
else {
//do nothing
}
//CREAT NEW ARRAY AND MAP TO CLAUSE
if(isset($post_content) && $post_content!=''){
foreach ($post_content as $key => $var){
if ($key == 'submit' || $key == 'id'){
//do nothing
}
else {
$criterias[$key] = $var;
$clause .= ' , '.$key.' = ?';
$clause_insert .= ' , '.$key.'';
$input_insert .= ', ?'; // ? for each insert item
$execute_input[]= $var; // Build array for input
}
}
}
//CLEAN UP INPUT
$clause = substr($clause, 2); //Clean clause - remove first comma
$clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma
$input_insert = substr($input_insert, 1); //Clean clause - remove first comma
//QUERY AND VERIFY ALLOWED
if ($command == 'update' && isAllowed('appointment',$profile,$permission,'U') === 1){
$sql = 'UPDATE appointment SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
$execute_input[] = $id;
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
}
elseif ($command == 'insert' && isAllowed('appointment',$profile,$permission,'C') === 1){
$sql = 'INSERT INTO appointment ('.$clause_insert.') VALUES ('.$input_insert.')';
$stmt = $pdo->prepare($sql);
$stmt->execute($execute_input);
// Return ID
echo json_encode(array('rowID'=> $pdo->lastInsertId()));
}
elseif ($command == 'delete' && isAllowed('appointment',$profile,$permission,'D') === 1){
$stmt = $pdo->prepare('DELETE FROM appointment WHERE rowID = ? '.$whereclause.'');
$stmt->execute([ $id ]);
//Add deletion to changelog
changelog($dbname,'appointment',$id,'Delete','Delete',$username);
} else
{
//do nothing
}
}
?>
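Review bot: `$pdo->rollback();` in the catch block is called without a matching `beginTransaction()`, so on any failure in the two INSERTs PDO throws "There is no active transaction" from inside the catch and the client receives an unhandled exception instead of the JSON error; wrap the slot and appointment inserts in `$pdo->beginTransaction();` ... `$pdo->commit();` so the rollback is meaningful and a slot row without its appointment is not left behind. The guard `if (isset($result['id']))` can never be true because the SELECT lists only `start_time, end_time, is_available`, and the select-then-insert is not atomic anyway, so two concurrent requests can both pass it; a unique index on `(dealer_id, start_time)` with the duplicate-key error handled is the reliable check. The generic branch writes to table `appointment` while the booking branch writes to `appointments`; one of the two looks wrong. In that generic branch the JSON keys are concatenated into the SET/INSERT column lists (`$clause .= ' , '.$key.' = ?';`), so the column names should be checked against an allow-list before use, and `$execute_input` is undefined when `$post_content` has no usable keys.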


@@ -1,9 +1,6 @@
<?php <?php
defined($security_key) or exit; defined($security_key) or exit;
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
//------------------------------------------ //------------------------------------------
// dealers // dealers
//------------------------------------------ //------------------------------------------


@@ -96,8 +96,8 @@ elseif ($command == 'login'){
if (count($account) != 0){ if (count($account) != 0){
//CHECK NUMBER OF LOGIN ATTEMPTS IS BELOW 5 //CHECK NUMBER OF LOGIN ATTEMPTS IS BELOW 5 and account isverified
if($account['login_count'] < 5 || $account['isverified'] == 0 ){ if($account['login_count'] < 5 && $account['isverified'] == 1 ){
// If account exists verify password // If account exists verify password
if ($account && password_verify($post_content['password'], $account['password'])) { if ($account && password_verify($post_content['password'], $account['password'])) {
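Review bot: The corrected condition `$account['login_count'] < 5 && $account['isverified'] == 1` now sends an unverified account with a correct password to the else branch, which is outside the hunk; confirm that branch does not increment `login_count` for unverified accounts, otherwise a user who verifies later may already be locked out. The `== 1` comparison is loose; if `isverified` is fetched as an integer, `=== 1` is the intended test. The `$account &&` on the next line is redundant after `count($account) != 0`. The enclosing `elseif ($command == 'login')` block starts and ends outside the hunk.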


@@ -1,6 +1,8 @@
<?php <?php
defined($security_key) or exit; defined($security_key) or exit;
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
//------------------------------------------ //------------------------------------------
// Products attributes // Products attributes
//------------------------------------------ //------------------------------------------
@@ -34,6 +36,13 @@ if (isset($post_content['type']) && $post_content['type'] !=''){
echo json_encode(array('status' => 'send')); echo json_encode(array('status' => 'send'));
break; break;
case 'register_identity':
//SEND MAIL
send_mail($mail_to,$mail_subject,$mail_content,'','');
echo json_encode(array('status' => 'send'));
break;
case 'reset': case 'reset':
//GET TEMPLATE //GET TEMPLATE
@@ -43,6 +52,20 @@ if (isset($post_content['type']) && $post_content['type'] !=''){
//SEND MAIL //SEND MAIL
send_mail($mail_to,$subject,$message,'',''); send_mail($mail_to,$subject,$message,'','');
break; break;
case 'sendInvite':
// Get appointment data from mail_content
$appointment = $post_content['content'];
if ($appointment && isset($appointment['starttime']) && isset($appointment['endtime'])) {
sendIcsCalendar($appointment, $post_content['to'], $post_content['subject']);
echo json_encode(array('status' => 'send'));
} else {
echo json_encode(array('status' => 'error', 'message' => 'Invalid appointment data'));
}
break;
} }
} }
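Review bot: The `sendInvite` case sends to `$post_content['to']` with `$post_content['subject']` taken verbatim from the request body, and the profiles change in this commit grants `mailer` to the standard, dealer and interface profiles, so any user in those profiles can have the server email an arbitrary address with a chosen subject and calendar text; take the recipient from the stored appointment (its `client_email`) or the caller's own account rather than the request, and at least validate it with `filter_var($to, FILTER_VALIDATE_EMAIL)`. `$post_content['to']` and `$post_content['subject']` are read without `isset`, so a request lacking them raises undefined-index warnings. The `ini_set('display_errors', '1')` lines added at the top of this file enable error output in a production endpoint while the same lines are removed from another file in this commit; remove them here as well. `register_identity` reuses `$mail_to`, `$mail_subject` and `$mail_content`, whose assignment is outside the hunk — presumably shared with the case above, worth confirming. The enclosing `switch` starts outside the hunk.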


@@ -0,0 +1,60 @@
<?php
defined($security_key) or exit;
//------------------------------------------
// Media_upload
//------------------------------------------
//Connect to DB
$pdo = dbConnect($dbname);
if (!isset($_FILES['image'])) {
echo json_encode(['error' => 'No file uploaded']);
exit;
}
$file = $_FILES['image'];
// Validate file type
$allowedTypes = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
$filename = $file['name'];
$ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
if (!in_array($ext, $allowedTypes)) {
http_response_code(400);
echo json_encode(['error' => 'Invalid file type. Only JPEG, PNG, GIF, and WebP allowed.']);
exit;
}
$target_dir = dirname(__FILE__, 4)."/assets/images/media/";
$title = uniqid().'_'.time().'_'.$input['title'];
$full_path = $target_dir . $title;
$logical_dir = "assets/images/media/".$title;
if (move_uploaded_file($file['tmp_name'], $full_path)) {
//BUILD UP PARTNERHIERARCHY FROM USER
$partner_product = json_encode(array("salesid"=>$partner->salesid,"soldto"=>$partner->soldto), JSON_UNESCAPED_UNICODE);
//If succesfull recvieved store in DB
$insert_media_sql = 'INSERT INTO `media`(`title`, `full_path`, `createdby`,`accounthierarchy`) VALUES (?,?,?,?)';
$stmt = $pdo->prepare( $insert_media_sql);
$stmt->execute([$title,$logical_dir,$username,$partner_product]);
// Return ID
$media_rowID = $pdo->lastInsertId();
//assign picture to dealer
if(isset($input['dealer_id']) && !empty($input['dealer_id'])){
$dealer_id = decodeUuid($input['dealer_id']);
$update_dealer = 'UPDATE dealers SET dealer_media = ? , updatedby = ? WHERE rowID = ?';
$stmt = $pdo->prepare( $update_dealer);
$stmt->execute([$media_rowID,$username,$dealer_id]);
}
echo json_encode(['success' => true, 'path' => $logical_dir]);
}
else {
echo json_encode(['error' => 'Failed to move file']);
}
?>
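Review bot: `$title = uniqid().'_'.time().'_'.$input['title'];` puts the client-supplied title straight into the filesystem path and the stored file name, so the extension that was checked (`$ext`, from `$file['name']`) is not the extension the file is saved under, and path separators in the title change the target directory; build the name from sanitised characters plus the validated extension, e.g. `$safeTitle = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($input['title'] ?? '', PATHINFO_FILENAME));` and `$title = uniqid().'_'.time().'_'.$safeTitle.'.'.$ext;`. Extension checking alone does not establish that the upload is an image; check `$file['error'] === UPLOAD_ERR_OK`, cap `$file['size']`, and verify the content with `getimagesize($file['tmp_name'])` or `finfo` before `move_uploaded_file`. `in_array($ext, $allowedTypes)` should pass `strict: true`, and the 'No file uploaded' and 'Failed to move file' responses go out with status 200 because only the type error sets `http_response_code(400)`. `$partner->salesid` and `$username` are assumed to be set by the including script — confirm the upload path cannot be reached without them.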


@@ -93,6 +93,77 @@ function send_mail($to, $subject, $message, $attachment, $attachment_name){
} }
function sendIcsCalendar($appointment, $to, $subject = 'Appointment Confirmation') {
include_once dirname(__FILE__,2).'/settings/config_redirector.php';
// Create unique identifier for the event
$uid = md5(uniqid(rand(), true)) . '@' . $_SERVER['HTTP_HOST'];
// Format times for ICS
$start_time = date('Ymd\THis\Z', strtotime($appointment['starttime']));
$end_time = date('Ymd\THis\Z', strtotime($appointment['endtime']));
$now = date('Ymd\THis\Z');
// Get appointment details with defaults
$description = isset($appointment['description']) ? $appointment['description'] : 'Your appointment has been confirmed.';
$location = isset($appointment['location']) ? $appointment['location'] : 'TBD';
$summary = isset($appointment['title']) ? $appointment['title'] : $subject;
// Create ICS content
$ics_content = "BEGIN:VCALENDAR\r\n";
$ics_content .= "VERSION:2.0\r\n";
$ics_content .= "PRODID:-//AssetMgt//AppointmentSystem//EN\r\n";
$ics_content .= "CALSCALE:GREGORIAN\r\n";
$ics_content .= "METHOD:REQUEST\r\n";
$ics_content .= "BEGIN:VEVENT\r\n";
$ics_content .= "DTSTART:" . $start_time . "\r\n";
$ics_content .= "DTEND:" . $end_time . "\r\n";
$ics_content .= "DTSTAMP:" . $now . "\r\n";
$ics_content .= "UID:" . $uid . "\r\n";
$ics_content .= "CREATED:" . $now . "\r\n";
$ics_content .= "DESCRIPTION:" . $description . "\r\n";
$ics_content .= "LAST-MODIFIED:" . $now . "\r\n";
$ics_content .= "LOCATION:" . $location . "\r\n";
$ics_content .= "SEQUENCE:0\r\n";
$ics_content .= "STATUS:CONFIRMED\r\n";
$ics_content .= "SUMMARY:" . $summary . "\r\n";
$ics_content .= "TRANSP:OPAQUE\r\n";
$ics_content .= "END:VEVENT\r\n";
$ics_content .= "END:VCALENDAR\r\n";
// Use PHPMailer for ICS calendar invitation
$mail = new PHPMailer();
$mail->CharSet = 'UTF-8';
$mail->isSMTP();
$mail->Host = email_host_name;
$mail->SMTPAuth = true;
$mail->Username = email;
$mail->Password = email_outgoing_pw;
$mail->SMTPSecure = email_outgoing_security;
$mail->Port = email_outgoing_port;
$mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS;
$mail->setFrom(email, mail_from);
$mail->addAddress($to);
$mail->addReplyTo(email_reply_to);
// PRIMARY METHOD: Set as content type (preferred)
$mail->ContentType = 'text/calendar; method=REQUEST; charset=UTF-8';
$mail->Subject = $subject;
$mail->Body = $ics_content;
// ALTERNATIVE: Also add as attachment for fallback
$mail->addStringAttachment($ics_content, 'appointment.ics', 'base64', 'text/calendar');
if (!$mail->send()) {
$tab = array('error' => 'Mailer Error: ' . $mail->ErrorInfo);
debuglog(json_encode($tab));
return false;
} else {
return true;
}
}
//------------------------------------------ //------------------------------------------
// Global functions // Global functions
//------------------------------------------ //------------------------------------------
@@ -4372,7 +4443,7 @@ function generateDealerInformation($token){
); );
if (isset($response[$key]) && (empty($response[$key]) || $response[$key] == '')) { if (isset($response[$key]) && (empty($response[$key]) || $response[$key] == '')) {
$new_content['rowID'] = encodeUuid($response['rowID']); $new_content['rowID'] = $response['rowID'];
$new_content[$key] = $generated_content[$key]; $new_content[$key] = $generated_content[$key];
} }
} }
@@ -4494,4 +4565,39 @@ function processPostContent(array $post_content): array
} }
return $post_content; return $post_content;
}
function checkAndInsertIdentityDealer($pdo, $identityUserkey) {
try {
$stmt = $pdo->prepare('SELECT id, email FROM identity WHERE userkey = ?');
$stmt->execute([$identityUserkey]);
$identity = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$identity) {
return false;
}
$stmt = $pdo->prepare('SELECT rowID FROM dealers WHERE email = ?');
$stmt->execute([$identity['email']]);
$dealer = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$dealer) {
return false;
}
$checkStmt = $pdo->prepare('SELECT COUNT(*) as count FROM identity_dealers WHERE dealer_id = ? AND identity_id = ?');
$checkStmt->execute([$dealer['rowID'], $identity['id']]);
$result = $checkStmt->fetch(PDO::FETCH_ASSOC);
if ($result['count'] == 0) {
$insertStmt = $pdo->prepare('INSERT INTO identity_dealers (dealer_id, identity_id) VALUES (?, ?)');
return $insertStmt->execute([$dealer['rowID'], $identity['id']]);
}
return false;
} catch (PDOException $e) {
error_log('Database error in checkAndInsertIdentityDealer: ' . $e->getMessage());
return false;
}
} }
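Review bot: In `sendIcsCalendar`, `date('Ymd\THis\Z', strtotime(...))` formats the server's local time and then appends a literal `Z`, which declares the value as UTC, so invitations are shifted by the server's UTC offset unless that is zero; use `gmdate()` for `$start_time`, `$end_time` and `$now`. `$description`, `$location` and `$summary` come from the request (the mailer endpoint passes `$post_content['content']`) and are written into the ICS lines unescaped, so a value containing a newline, `;` or `,` breaks the property or introduces additional ones; escape them per RFC 5545 TEXT rules before concatenation, as sketched below. `$mail->SMTPSecure` is assigned twice, so the configured `email_outgoing_security` is immediately overridden by `PHPMailer::ENCRYPTION_SMTPS`, and the `md5(uniqid(rand(), true))` UID would be simpler and unpredictable as `bin2hex(random_bytes(16))`. In `checkAndInsertIdentityDealer` the count-then-insert is not atomic — a unique index on `identity_dealers (dealer_id, identity_id)` is the reliable guard — and returning `false` for both "not found" and "already linked" leaves the caller unable to tell the cases apart.
```php
// … unchanged: include_once and $uid …
$escapeText = static fn (string $text): string =>
    str_replace(["\\", ";", ",", "\r\n", "\n"], ["\\\\", "\\;", "\\,", "\\n", "\\n"], $text);
$start_time = gmdate('Ymd\THis\Z', strtotime($appointment['starttime']));
$end_time = gmdate('Ymd\THis\Z', strtotime($appointment['endtime']));
$now = gmdate('Ymd\THis\Z');
$description = $escapeText($appointment['description'] ?? 'Your appointment has been confirmed.');
$location = $escapeText($appointment['location'] ?? 'TBD');
$summary = $escapeText($appointment['title'] ?? $subject);
// … unchanged: ICS assembly and PHPMailer setup …
```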


@@ -1,16 +1,16 @@
<?php <?php
/*Standard*/ /*Standard*/
define('standard_profile','profile,dealers,dealers_media,dealer,dealer_manage,changelog,media,media_scanner,application'); define('standard_profile','profile,dealers,dealers_media,dealer,dealer_manage,changelog,media,media_scanner,mailer,application,identity');
/*Superuser*/ /*Superuser*/
define('superuser_profile','profile,dealers,dealers_media,dealer,dealer_manage,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,changelog,media,media_manage,media_scanner,application'); define('superuser_profile','profile,dealers,dealers_media,dealer,dealer_manage,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,changelog,media,media_manage,media_scanner,application');
/*Admin*/ /*Admin*/
define('admin_profile','profile,dealers,dealers_media,dealer,dealer_manage,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,admin,partners,partner,users,user,user_manage,communications,communication,changelog,application'); define('admin_profile','profile,dealers,dealers_media,dealer,dealer_manage,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,admin,partners,partner,users,user,user_manage,communications,communication,changelog,mailer,application,identity,identity_dealers,appointment');
/*AdminPlus*/ /*AdminPlus*/
define('adminplus_profile','profile,dealers,dealers_media,dealer,dealer_manage,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,categories,category,discounts,discount,shipping,shipping_manage,admin,partners,partner,users,user,user_manage,communications,communication,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,media_scanner,application,maintenance,uploader,profiles'); define('adminplus_profile','profile,dealers,dealers_media,dealer,dealer_manage,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,categories,category,discounts,discount,shipping,shipping_manage,admin,partners,partner,users,user,user_manage,communications,communication,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,media_scanner,mailer,application,maintenance,uploader,profiles,identity,identity_dealers,appointment');
/*Dealer*/ /*Dealer*/
define('dealer','profile,dealers,dealers_media,dealer,dealer_manage,changelog,media,media_scanner,application'); define('dealer','profile,dealers,dealers_media,dealer,dealer_manage,changelog,media,media_scanner,mailer,application,identity');
/*Commerce*/ /*Commerce*/
define('commerce','dashboard,profile,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,discounts,discount,shipping,shipping_manage,admin,partners,partner,users,user,user_manage,translations,translations_details,translation_manage,media,media_manage,application,uploader,shopping_cart,checkout,placeorder,taxes,transactions,transactions_items,invoice,order,orders,identity'); define('commerce','dashboard,profile,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,discounts,discount,shipping,shipping_manage,admin,partners,partner,users,user,user_manage,translations,translations_details,translation_manage,media,media_manage,application,uploader,shopping_cart,checkout,placeorder,taxes,transactions,transactions_items,invoice,order,orders,identity');
/*Interface*/ /*Interface*/
define('interface','dealers,dealers_media,dealer,users,application'); define('interface','dealers,dealers_media,dealer,users,mailer,application,identity,identity_dealers,appointment');
?> ?>


@@ -54,7 +54,7 @@ if (isset($_GET['success_msg'])) {
template_header('Dealer', 'dealer', 'view'); template_header('Dealer', 'dealer', 'view');
$view = ' $view = '
<div class="content-title responsive-flex-wrap responsive-pad-bot-3"> <div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">'.($view_dealer_h2 ?? 'Dealer').' - '.encodeUuid($responses['rowID']).'</h2> <h2 class="responsive-width-100">'.($view_dealer_h2 ?? 'Dealer').' - '.$responses['rowID'].'</h2>
<a href="index.php?page='.$_SESSION['origin'].'&p='.$_SESSION['p'].$_SESSION['search'].$_SESSION['partnerid'].'" class="btn alt mar-right-2">'.$button_cancel.'</a> <a href="index.php?page='.$_SESSION['origin'].'&p='.$_SESSION['p'].$_SESSION['search'].$_SESSION['partnerid'].'" class="btn alt mar-right-2">'.$button_cancel.'</a>
'; ';
@@ -62,7 +62,7 @@ $view = '
// EDIT BUTTON // EDIT BUTTON
//------------------------------------ //------------------------------------
if ($update_allowed === 1){ if ($update_allowed === 1){
$view .= '<a href="index.php?page=dealer_manage&rowID='.encodeUuid($responses['rowID']).'" class="btn">Edit</a>'; $view .= '<a href="index.php?page=dealer_manage&rowID='.$responses['rowID'].'" class="btn">Edit</a>';
} }
$view .= '</div>'; $view .= '</div>';
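Review bot: Dropping `encodeUuid()` from `$responses['rowID']` in the heading and the Edit link means this page now emits whatever `$responses` holds; the API get endpoints in this same commit start encoding `rowID` via `updateRowID`, so the change is correct only if `$responses` comes from those API responses rather than a direct DB read, which is outside the hunk — worth confirming, since otherwise the raw database id now appears in URLs and the `rowID=` parameter consumed by `dealer_manage` changes meaning. The same change is made in the next two sections (the hidden `rowID` input and media_scanner link, and `$dealer['rowID']` in the dealers table row), and the same confirmation applies there.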


@@ -187,7 +187,7 @@ $view .= '<div class="content-block tab-content active">
</div>'; </div>';
if (isset($_GET['rowID'])){ if (isset($_GET['rowID'])){
$view .= '<input type="hidden" name="rowID" value="'.(encodeUuid($responses['rowID']) ?? '').'">'; $view .= '<input type="hidden" name="rowID" value="'.($responses['rowID'] ?? '').'">';
} }
$view .= '<div class="content-block tab-content"> $view .= '<div class="content-block tab-content">
@@ -338,7 +338,7 @@ $view .= '<div class="content-block tab-content">
if (isset($responses['url']) && $responses['url'] !=''){ if (isset($responses['url']) && $responses['url'] !=''){
$view .= '<a href="index.php?page=media_scanner&domain='.$responses['url'].'&rowID='.encodeUuid($responses['rowID']).'" class="btn">'.($button_media_scanner ?? 'media_scanner').'</a>'; $view .= '<a href="index.php?page=media_scanner&domain='.$responses['url'].'&rowID='.$responses['rowID'].'" class="btn">'.($button_media_scanner ?? 'media_scanner').'</a>';
} }
$view .= ' $view .= '
</div> </div>


@@ -111,7 +111,7 @@ $view .= '
<td>'.$dealer['name'].'</td> <td>'.$dealer['name'].'</td>
<td class="responsive-hidden">'.(($dealer['full_path'] !='')?'<img style="border-radius: 4px;height: 50px;" src="'.$dealer['full_path'].'" alt="">' : '').'</td> <td class="responsive-hidden">'.(($dealer['full_path'] !='')?'<img style="border-radius: 4px;height: 50px;" src="'.$dealer['full_path'].'" alt="">' : '').'</td>
<td class="responsive-hidden">'.getRelativeTime($dealer['created']).'</td> <td class="responsive-hidden">'.getRelativeTime($dealer['created']).'</td>
<td><a href="index.php?page=dealer&id='.encodeUuid($dealer['rowID']).'" class="btn_link">'.$general_view.'</a></td> <td><a href="index.php?page=dealer&id='.$dealer['rowID'].'" class="btn_link">'.$general_view.'</a></td>
</tr>'; </tr>';
} }
} }


@@ -86,6 +86,7 @@ $all_views = [
"translations_details", "translations_details",
"translation_manage", "translation_manage",
"media", "media",
"media_upload",
"media_manage", "media_manage",
"media_scanner", "media_scanner",
"mailer", "mailer",
@@ -103,7 +104,9 @@ $all_views = [
"invoice", "invoice",
"order", "order",
"orders", "orders",
"identity" "identity",
"identity_dealers",
"appointment"
]; ];
?> ?>