2020-01-23 12:10:33 +00:00
|
|
|
<?php
|
2020-01-27 15:07:44 +00:00
|
|
|
// DEPENDENCIES
|
2020-01-27 15:39:57 +00:00
|
|
|
use severak\forms\form;
|
|
|
|
|
|
2020-01-27 15:07:44 +00:00
|
|
|
$dependencies['config'] = $config;
|
|
|
|
|
$singletons['pdo'] = function() {
|
|
|
|
|
$config = di('config');
|
|
|
|
|
return new PDO('sqlite:' . __DIR__ . '/' . $config['database']);
|
|
|
|
|
};
|
|
|
|
|
$singletons['rows'] = function(){
|
|
|
|
|
return new severak\database\rows(di('pdo'));
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// ROUTY
|
2020-01-23 12:10:33 +00:00
|
|
|
|
2020-01-27 15:39:57 +00:00
|
|
|
// HP & LOGIN
|
2020-01-23 12:10:33 +00:00
|
|
|
route('', '/', function (){
|
2020-01-27 15:39:57 +00:00
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
return render('home');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
route('', '/login/', function ($req){
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
$form = new form(['method'=>'POST']);
|
|
|
|
|
$form->field('username', ['required'=>true, 'label'=>'Jméno']);
|
|
|
|
|
$form->field('password', ['type'=>'password', 'required'=>true, 'label'=>'Heslo']);
|
|
|
|
|
$form->field('_login', ['type'=>'submit', 'label'=>'Přihlásit se']);
|
|
|
|
|
|
|
|
|
|
if ($req->getMethod()=='POST') {
|
|
|
|
|
$form->fill($req->getParsedBody());
|
|
|
|
|
if ($form->validate()) {
|
|
|
|
|
$uz = $rows->one('users', ['username'=>$form->values['username']]);
|
|
|
|
|
if (!$uz) {
|
|
|
|
|
$form->error('username', 'Uživatel nenalezen');
|
|
|
|
|
} elseif (password_verify($form->values['password'], $uz['password'])) {
|
|
|
|
|
unset($uz['password']);
|
|
|
|
|
$_SESSION['user'] = $uz;
|
|
|
|
|
return redirect('/');
|
|
|
|
|
} else {
|
|
|
|
|
$form->error('password', 'Špatné heslo.');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return render('form', ['form'=>$form]);
|
2020-01-23 12:10:33 +00:00
|
|
|
});
|
|
|
|
|
|
2020-01-27 15:39:57 +00:00
|
|
|
route('', '/logout/', function ($req){
|
|
|
|
|
unset($_SESSION['user']);
|
|
|
|
|
unset($_SESSION['flashes']);
|
|
|
|
|
return redirect('/');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
route('', '/heslo/', function (){
|
|
|
|
|
return '123 - ' . password_hash('123', PASSWORD_BCRYPT);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// NABÍDKA
|
|
|
|
|
|
2020-01-27 16:07:05 +00:00
|
|
|
route('GET', '/nabidka/', function ($req){
|
2020-02-04 13:03:43 +00:00
|
|
|
if (!user()) return redirect('/login/');
|
2020-01-23 15:09:58 +00:00
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
$items = $rows->page('items', [], ['ord'=>'asc']);
|
|
|
|
|
|
|
|
|
|
return render('items', ['items'=>$items]);
|
|
|
|
|
});
|
|
|
|
|
|
2020-02-04 13:03:43 +00:00
|
|
|
$singletons['nabidka_form'] = function (){
|
2020-01-23 15:09:58 +00:00
|
|
|
$form = new severak\forms\form(['method'=>'POST']);
|
|
|
|
|
$form->field('name', ['required'=>true, 'label'=>'Název']);
|
|
|
|
|
$form->field('price', ['type'=>'number', 'label'=>'Cena']);
|
|
|
|
|
$form->field('note', ['type'=>'textarea', 'label'=>'Poznámka']);
|
|
|
|
|
$form->field('ord', ['type'=>'number', 'label'=>'Pořadí']);
|
|
|
|
|
$form->field('_save', ['type'=>'submit', 'label'=>'Přidat']);
|
|
|
|
|
|
|
|
|
|
$form->rule('price', function ($f){
|
|
|
|
|
return $f > 0 || $f < 0;
|
|
|
|
|
}, 'Cena nemůže být nulová.');
|
|
|
|
|
|
2020-02-04 13:03:43 +00:00
|
|
|
return $form;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
route('', '/nabidka/pridat/', function ($req){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
/** @var severak\forms\form $form */
|
|
|
|
|
$form = di('nabidka_form');
|
|
|
|
|
|
2020-01-23 15:09:58 +00:00
|
|
|
if ($req->getMethod()=='POST') {
|
|
|
|
|
$form->fill($req->getParsedBody());
|
|
|
|
|
if ($form->validate()) {
|
|
|
|
|
$rows->insert('items', [
|
|
|
|
|
'name'=>$form->values['name'],
|
|
|
|
|
'price'=>$form->values['price'],
|
|
|
|
|
'note'=>$form->values['note'],
|
|
|
|
|
'ord'=>$form->values['ord'],
|
|
|
|
|
]);
|
2020-01-27 16:07:05 +00:00
|
|
|
return redirect('/nabidka/');
|
2020-01-23 15:09:58 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-27 16:07:05 +00:00
|
|
|
return render('form', ['form'=>$form, 'title'=>'Přidat položku']);
|
|
|
|
|
});
|
|
|
|
|
|
2020-02-04 13:03:43 +00:00
|
|
|
route('', '/nabidka/upravit/{id}/', function ($req, $params){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
/** @var severak\forms\form $form */
|
|
|
|
|
$form = di('nabidka_form');
|
|
|
|
|
|
|
|
|
|
$item = $rows->one('items', $params['id']);
|
|
|
|
|
if (!$item) return notFound();
|
|
|
|
|
$form->fill($item);
|
|
|
|
|
|
|
|
|
|
if ($req->getMethod()=='POST') {
|
|
|
|
|
$form->fill($req->getParsedBody());
|
|
|
|
|
if ($form->validate()) {
|
|
|
|
|
$rows->update('items', [
|
|
|
|
|
'name'=>$form->values['name'],
|
|
|
|
|
'price'=>$form->values['price'],
|
|
|
|
|
'note'=>$form->values['note'],
|
|
|
|
|
'ord'=>$form->values['ord'],
|
|
|
|
|
], $params['id']);
|
|
|
|
|
return redirect('/nabidka/');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return render('form', ['form'=>$form, 'title'=>'Upravit položku']);
|
|
|
|
|
});
|
|
|
|
|
|
2020-01-27 16:07:05 +00:00
|
|
|
// TODO - tohle nechceme přes GET
|
2020-02-04 13:03:43 +00:00
|
|
|
route('', '/nabidka/smazat/{id}/', function ($req, $params){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
2020-01-27 16:07:05 +00:00
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
$rows->delete('items', (int) $params['id']);
|
|
|
|
|
return redirect('/nabidka/');
|
2020-01-28 14:03:07 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// ČLENOVÉ
|
2020-02-04 13:32:32 +00:00
|
|
|
route('', '/clenove/', function ($req){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
|
|
|
|
|
$searchFor = $_GET['searchFor'] ?? null;
|
2020-02-05 10:54:01 +00:00
|
|
|
$page = $_GET['page'] ?? 1;
|
|
|
|
|
|
|
|
|
|
if ($searchFor) {
|
|
|
|
|
$searchSql = '%' . $searchFor . '%';
|
|
|
|
|
$members = $rows->more('members', $rows->fragment('name LIKE ? OR email LIKE ? OR phone LIKE ?', [$searchSql, $searchSql, $searchSql]));
|
|
|
|
|
$pages = 1;
|
|
|
|
|
} else {
|
|
|
|
|
$members = $rows->page('members', [], ['name'=>'asc'], $page, 30);
|
|
|
|
|
$pages = $rows->pages;
|
|
|
|
|
}
|
2020-02-04 13:32:32 +00:00
|
|
|
|
2020-02-05 10:54:01 +00:00
|
|
|
return render('members', ['members'=>$members, 'page'=>$page, 'pages'=>$pages, 'searchFor'=>$searchFor]);
|
2020-02-04 13:32:32 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
2020-01-28 14:03:07 +00:00
|
|
|
route('', '/clenove/pridat/', function ($req){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
$user = user();
|
|
|
|
|
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
|
|
|
|
|
$form = new severak\forms\form(['method'=>'POST']);
|
|
|
|
|
$form->field('card_id', ['required'=>true, 'type'=>'number', 'label'=>'Číslo karty']);
|
|
|
|
|
$form->field('name', ['required'=>true, 'label'=>'Jméno']);
|
|
|
|
|
$form->field('email', ['type'=>'email', 'label'=>'E-mail']);
|
|
|
|
|
$form->field('phone', ['type'=>'phone', 'label'=>'Telefon']);
|
|
|
|
|
$form->field('date_of_birth', ['type'=>'date', 'label'=>'Datum narození']);
|
|
|
|
|
|
|
|
|
|
$form->field('_save', ['type'=>'submit', 'label'=>'Přidat']);
|
|
|
|
|
|
|
|
|
|
if ($req->getMethod()=='POST' && $form->fill($req->getParsedBody()) && $form->validate()) {
|
|
|
|
|
|
|
|
|
|
$card = $rows->one('cards', $form->values['card_id']);
|
|
|
|
|
if ($card) {
|
|
|
|
|
$form->error('card_id', 'Karta již je registrovaná v systému!');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// TODO - tyhle duplikáty řešit jinak
|
|
|
|
|
if ($rows->one('members', ['name'=>$form->values['name']])) {
|
|
|
|
|
$form->error('name', 'Tento člen již kartičku má!');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!empty($form->values['email']) && $rows->one('members', ['email'=>$form->values['email']])) {
|
|
|
|
|
$form->error('email', 'Tento email již má některý člen.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!empty($form->values['phone']) && $rows->one('members', ['phone'=>$form->values['phone']])) {
|
|
|
|
|
$form->error('phone', 'Tento telefon již má některý člen.!');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($form->isValid) {
|
|
|
|
|
$memberId = $rows->insert('members', [
|
|
|
|
|
'name'=>$form->values['name'],
|
|
|
|
|
'email'=>$form->values['email'],
|
|
|
|
|
'phone'=>$form->values['phone'],
|
|
|
|
|
'date_of_birth'=>$form->values['date_of_birth'],
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$rows->insert('cards', [
|
|
|
|
|
'id'=>$form->values['card_id'],
|
|
|
|
|
'member_id'=>$memberId,
|
|
|
|
|
'issued_by'=>$user['id'],
|
|
|
|
|
'issued_at'=>time(),
|
|
|
|
|
'is_active'=>1
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
flash('Člen byl úspěšně registrován.');
|
|
|
|
|
return redirect('/');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return render('form', ['form'=>$form, 'title'=>'Přidat člena']);
|
2020-02-04 13:32:32 +00:00
|
|
|
});
|
|
|
|
|
|
2020-02-05 11:49:04 +00:00
|
|
|
// TODO - editace a deaktivace členů
|
|
|
|
|
|
|
|
|
|
// POKLADNA:
|
|
|
|
|
route('','/pokladna/', function(){
|
|
|
|
|
return render('pokladna', ['title'=>'pokladna']);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
route('', '/pokladna/dobit/', function ($req){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
$user = user();
|
|
|
|
|
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
|
|
|
|
|
$form = new form(['method'=>'post']);
|
|
|
|
|
$form->field('card_id', ['required'=>true, 'type'=>'number', 'label'=>'Číslo karty']);
|
|
|
|
|
$form->field('amount', ['required'=>true, 'type'=>'number', 'label'=>'Částka']);
|
|
|
|
|
$form->field('_sbt', ['label'=>'Vložit', 'type'=>'submit']);
|
|
|
|
|
|
|
|
|
|
// TODO - zde kontrolovat maxmální a minimální výši nabití
|
|
|
|
|
|
|
|
|
|
if ($req->getMethod()=='POST' && $form->fill($req->getParsedBody()) && $form->validate()) {
|
|
|
|
|
$card = $rows->one('cards', ['id'=>$form->values['card_id'], 'is_active'=>1]);
|
|
|
|
|
if (!$card) {
|
|
|
|
|
$form->error('card_id', 'Neznámá/neplatná karta!');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($card) {
|
|
|
|
|
$member = $rows->one('members', $card['member_id']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($form->isValid) {
|
|
|
|
|
// BIG TODO - tohle dělat v databázové transakci
|
|
|
|
|
$rows->insert('transactions', [
|
|
|
|
|
'member_id' => $member['id'],
|
|
|
|
|
'card_id' => $card['id'],
|
|
|
|
|
'issued_by'=>$user['id'],
|
|
|
|
|
'issued_at'=>time(),
|
|
|
|
|
'amount'=>$form->values['amount'],
|
|
|
|
|
'is_cash'=>1
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$rows->execute($rows->query('UPDATE members SET balance = balance + ? WHERE id=?', [$form->values['amount'], $member['id']]));
|
|
|
|
|
|
|
|
|
|
flash('Kredit úspěšně dobit!', 'success');
|
|
|
|
|
|
|
|
|
|
return redirect('/');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return render('form', ['form'=>$form, 'title'=>'Dobít kartu']);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// TODO - zůstatek, vybrat
|
|
|
|
|
|
2020-02-05 12:20:44 +00:00
|
|
|
// BAR:
|
|
|
|
|
|
|
|
|
|
route('GET', '/bar/', function ($req){
|
|
|
|
|
if (!user()) return redirect('/login/');
|
|
|
|
|
$user = user();
|
|
|
|
|
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
$nabidka = $rows->more('items', [], ['ord'=>'asc']);
|
|
|
|
|
|
|
|
|
|
return render('bar', ['items'=>$nabidka]);
|
|
|
|
|
});
|
|
|
|
|
|
2020-02-05 16:17:44 +00:00
|
|
|
route('POST', '/bar/userinfo/', function ($req){
|
|
|
|
|
if (!user()) return jsonResponse(['error'=>'Unauthorized.'], 403);
|
2020-02-05 12:20:44 +00:00
|
|
|
|
2020-02-05 16:17:44 +00:00
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
|
|
|
|
|
$Q = $req->getParsedBody();
|
|
|
|
|
|
|
|
|
|
$card = $rows->one('cards', $Q['card_id']);
|
|
|
|
|
|
|
|
|
|
if (!$card || !$card['is_active']) {
|
|
|
|
|
return jsonResponse(['error'=>'Karta není aktivní.']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$member = $rows->one('members', $card['member_id']);
|
|
|
|
|
|
|
|
|
|
if ($member['balance']==0) {
|
|
|
|
|
return jsonResponse(['error'=>'Karta není nabitá.']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$dobMember = date_create($member['date_of_birth']);
|
|
|
|
|
$before18Years = date_create('now - 18 years');
|
|
|
|
|
|
|
|
|
|
$canBuyAlcohol = $dobMember && ($dobMember < $before18Years);
|
|
|
|
|
|
|
|
|
|
return jsonResponse([
|
|
|
|
|
'name' => $member['name'],
|
|
|
|
|
'balance' => $member['balance'],
|
|
|
|
|
'can_buy_alcohol' => $canBuyAlcohol,
|
|
|
|
|
]);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
route('POST', '/bar/buy/', function ($req){
|
2020-02-06 11:16:20 +00:00
|
|
|
if (!user()) return jsonResponse(['error'=>'Vypršelo přihlášení.']);
|
|
|
|
|
$user = user();
|
2020-02-05 16:17:44 +00:00
|
|
|
|
|
|
|
|
/** @var Psr\Http\Message\ServerRequestInterface $req */
|
|
|
|
|
/** @var severak\database\rows $rows */
|
|
|
|
|
$rows = di('rows');
|
|
|
|
|
|
|
|
|
|
$Q = $req->getParsedBody();
|
|
|
|
|
|
|
|
|
|
$card = $rows->one('cards', $Q['card_id']);
|
|
|
|
|
|
2020-02-06 11:16:20 +00:00
|
|
|
if ($card && $card['is_blocked']) {
|
|
|
|
|
return jsonResponse(['error'=>'Karta je zablokovaná.']);
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-05 16:17:44 +00:00
|
|
|
if (!$card || !$card['is_active']) {
|
|
|
|
|
return jsonResponse(['error'=>'Karta není aktivní.']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$member = $rows->one('members', $card['member_id']);
|
|
|
|
|
|
2020-02-06 11:16:20 +00:00
|
|
|
if ($member['balance']<1) {
|
2020-02-05 16:17:44 +00:00
|
|
|
return jsonResponse(['error'=>'Karta není nabitá.']);
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-06 11:16:20 +00:00
|
|
|
$totalSum = 0;
|
|
|
|
|
foreach ($Q['items'] as $item) {
|
|
|
|
|
$totalSum = $totalSum + ($item['price'] * $item['amount']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($member['balance']<$totalSum) {
|
|
|
|
|
return jsonResponse(['error'=>'Na kartě není dostatek peněz.', 'balance'=>$member['balance']]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$rows->insert('transactions', [
|
|
|
|
|
'member_id' => $member['id'],
|
|
|
|
|
'card_id' => $card['id'],
|
|
|
|
|
'issued_by'=>$user['id'],
|
|
|
|
|
'issued_at'=>time(),
|
|
|
|
|
'amount'=>$totalSum * -1,
|
|
|
|
|
'items' => json_encode($Q['items']),
|
|
|
|
|
'is_cash'=>0
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$rows->execute($rows->query('UPDATE members SET balance = balance - ? WHERE id=?', [$totalSum, $member['id']]));
|
2020-02-05 16:17:44 +00:00
|
|
|
|
2020-02-06 11:16:20 +00:00
|
|
|
return jsonResponse(['success'=>true]);
|
2020-02-05 16:17:44 +00:00
|
|
|
});
|
