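<?php

session_start();
date_default_timezone_set('Europe/Oslo');
// NOTE(review): the next two calls remove PHP's execution time limit for every request to this
// endpoint, including requests from callers who are not logged in. A bounded limit would cap
// how long a single slow request can occupy a worker.
ini_set('max_execution_time', 0);
set_time_limit(0);

include('includes/functions.php');

// Name of the requested handler. Only a string is accepted: an array-valued parameter
// (method[]=x) is treated like a missing one instead of being passed on to p().
$method = '';
if (isset($_POST['method']) && is_string($_POST['method'])) {
    $method = p($_POST['method']);
}

// Fixed dispatch table: the request can only select one of the handlers listed here.
// NOTE(review): no login or CSRF check happens at this level. fetchTyresDekkhotellOrderStatus()
// calls customerLoggedIn() itself; handlers such as deleteRow or saveTyreOffer are not in view
// here, so confirm that each state-changing handler enforces its own checks.
switch ($method) {
    case 'verifyOrgNr':
        verifyOrgNr();
        break;
    case 'tyreChangeCheckForTyreOffers':
        tyreChangeCheckForTyreOffers();
        break;
    case 'tyreChangeDekkhotellOrderWithoutLogin':
        tyreChangeDekkhotellOrderWithoutLogin();
        break;
    case 'fetchTyresDekkhotellOrderStatus':
        fetchTyresDekkhotellOrderStatus();
        break;
    case 'getTimeSlots':
        getTimeSlots();
        break;
    case 'getServices':
        getServices();
        break;
    case 'loginCustomer':
        loginCustomer();
        break;
    case 'tyreOrderWithoutLogin':
        tyreOrderWithoutLogin();
        break;
    case 'registerCustomer':
        registerCustomer();
        break;
    case 'checkUsername':
        checkUsername();
        break;
    case 'tyreChanged':
        tyreChanged();
        break;
    case 'suggestUsername':
        suggestUsername();
        break;
    case 'saveTyreOffer':
        saveTyreOffer();
        break;
    case 'recommendTyreOffer':
        recommendTyreOffer();
        break;
    case 'replyPrivateCustomer':
        replyPrivateCustomer();
        break;
    case 'savePrivateCustomerDetails':
        savePrivateCustomerDetails();
        break;
    case 'changeDeliveryDate':
        changeDeliveryDate();
        break;
    case 'confirmOrderPickup':
        confirmOrderPickup();
        break;
    case 'searchHistory':
        searchHistory();
        break;
    case 'receivedTyre':
        receivedTyre();
        break;
    case 'showOrderDetails':
        showOrderDetails();
        break;
    case 'setNewPass':
        setNewPass();
        break;
    case 'validatePassID':
        validatePassID();
        break;
    case 'sendPassID':
        sendPassID();
        break;
    case 'logoutCustomer':
        logoutCustomer();
        break;
    case 'confirmOrder':
        confirmOrder();
        break;
    case 'getTyresList':
        getTyresList();
        break;
    case 'searchEntry':
        searchEntry();
        break;
    case 'deleteRow':
        deleteRow();
        break;
    default:
        // Unknown or missing method. NOTE(review): the handlers in this file reply with JSON,
        // while this branch replies with an HTML <script> element.
        echo '<script> alert("You are now being Tracked"); </script>';
        die;
}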
103
// customerLoggedIn() - checks whether the customerID is in the DB or not -- uses $_SESSION
// tyres - id, filed, issued, department, regNr, location, tyreSize, pattern, season, washed, condition, stored, ordered, customerID, orderID, orgNr,
106
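/**
 * Ask the management API whether an organisation number is accepted for the tyre shop.
 *
 * Reads $_POST['orgNr'] and echoes a one-element JSON array: ["success"], ["incorrect"],
 * or ["failed"] when the API reply does not decode to a JSON object.
 */
function verifyOrgNr() {
    // Kept from the original, although this handler runs no query of its own.
    $con = dbCon();

    // A missing or array-valued field is forwarded as an empty organisation number.
    $orgNr = (isset($_POST['orgNr']) && is_string($_POST['orgNr'])) ? p($_POST['orgNr']) : '';

    // NOTE(review): the API is reached over plain http://, so the request and the verdict are
    // not protected in transit; confirm whether the host also serves HTTPS.
    $url = 'http://***.no/management/api/functions.php';
    $postData = [
        'method' => 'verifyOrgNrForTyreShop',
        'orgNr' => $orgNr
    ];
    $resArr = json_decode(get_web_page($url, $postData));

    if (!is_object($resArr)) {
        echo json_encode(['failed']);
        return;
    }

    // Strict comparison on a property that must exist. With ==, a reply such as
    // {"result": true} (and {"result": 0} on PHP 7) compared equal to 'success'.
    $verified = isset($resArr->result) && $resArr->result === 'success';
    echo json_encode([$verified ? 'success' : 'incorrect']);
}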
137
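/**
 * Find the stored-tyre customer for a registration number and report any open tyre offer.
 *
 * Input: $_POST['regNr'] is required; every other posted field except serviceIDs must be
 * non-empty. Output: one JSON array whose first element is the status:
 *   ["empty fields"], ["customer not found"], ["already ordered"], ["failed"],
 *   ["no offer", privateCustomerID, tyreID], ["no offer"],
 *   ["success", offerTableHtml, privateCustomerID, tyreID].
 *
 * Changes against the earlier version: queries are parameterised, LIKE wildcards in regNr are
 * escaped, a request without regNr is rejected, $tyreID is always defined (null when no
 * position matches) and database values are HTML-escaped before they enter the table.
 */
function tyreChangeCheckForTyreOffers() {
    foreach ($_POST as $key => $value) {
        if ($key === 'serviceIDs') { continue; }
        if (is_array($value) || p($value) == '') {
            echo json_encode(['empty fields']);
            return;
        }
    }

    // The loop only sees fields that were actually sent. Without this check a request that
    // omits regNr would search with LIKE '%%', which matches every stored customer.
    $regNr = (isset($_POST['regNr']) && !is_array($_POST['regNr'])) ? p($_POST['regNr']) : '';
    if ($regNr == '') {
        echo json_encode(['empty fields']);
        return;
    }

    $con = dbCon();

    // Runs one prepared statement; returns the result set, or false on any failure.
    // NOTE(review): p() lives in includes/functions.php (not shown). If it already SQL-escapes,
    // bound values would carry literal backslashes; drop that step from p() for bound values.
    // mysqli_stmt_get_result() needs the mysqlnd driver and returns INT columns as PHP ints.
    $run = function ($sql, $types, array $params) use ($con) {
        $stmt = mysqli_prepare($con, $sql);
        if (!$stmt) { return false; }
        $args = [$stmt, $types];
        foreach (array_keys($params) as $i) {
            $args[] = &$params[$i];
        }
        call_user_func_array('mysqli_stmt_bind_param', $args);
        if (!mysqli_stmt_execute($stmt)) { return false; }
        return mysqli_stmt_get_result($stmt);
    };
    // HTML-escapes a database value; existing entities are left alone (double_encode = false).
    $html = function ($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
    };

    // % and _ are LIKE wildcards; escaping them makes the caller's text match only itself.
    // NOTE(review): this is still a substring match on a comma-separated column, so a short
    // fragment of a registration number selects a customer and the reply reveals that
    // customer's IDs. Consider requiring an exact list-item match.
    $like = '%' . addcslashes($regNr, '%_\\') . '%';
    $q = $run("SELECT * FROM private_customer WHERE regNr LIKE ? AND tyreID != ''", 's', [$like]);
    if (!$q) {
        echo json_encode(['failed']);
        return;
    }
    if (mysqli_num_rows($q) == 0) {
        echo json_encode(['customer not found']);
        return;
    }
    $customer = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
    $privateCustomerID = (int)$customer['id'];

    $q = $run('SELECT * FROM tyre_offers WHERE privateCustomerID = ? AND regNr = ?', 'is', [$privateCustomerID, $regNr]);
    if (!$q) {
        echo json_encode(['failed']);
        return;
    }

    if (mysqli_num_rows($q) == 0) {
        // No offer exists: report which stored tyre set belongs to this registration number.
        $stored = (string)$customer['tyreID'];
        if ($stored === '') {
            echo json_encode(['failed']);
            return;
        }

        $tyreID = null;
        if (strpos($stored, ',') !== false) {
            // regNr and tyreID are read as parallel comma-separated lists: the position of the
            // registration number among the non-empty entries selects the tyre ID.
            $position = 0;
            foreach (explode(',', (string)$customer['regNr']) as $candidate) {
                if ($candidate === '') { continue; }
                if (strtolower($candidate) === strtolower($regNr)) { break; }
                $position++;
            }
            $tyreIDs = array_values(array_filter(explode(',', $stored), 'strlen'));
            if (isset($tyreIDs[$position])) {
                $tyreID = $tyreIDs[$position];
            }
        } else {
            $tyreID = $stored;
        }

        echo json_encode(['no offer', $privateCustomerID, $tyreID]);
        return;
    }

    // Only the first offer row decides whether the customer has already ordered.
    $offer = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
    if ($offer['changed'] != 0 || $offer['workOrderID'] != 0 || $offer['changedOn'] != '' || $offer['selectedType'] != '') {
        echo json_encode(['already ordered']);
        return;
    }

    // Check for an offer this customer can still accept.
    $q = $run("SELECT * FROM tyre_offers WHERE privateCustomerID = ? AND regNr = ? AND selectedType = '' AND changed = 0 AND workOrderID = 0 AND changedOn = ''", 'is', [$privateCustomerID, $regNr]);
    if (!$q || mysqli_num_rows($q) == 0) {
        echo json_encode(['no offer']);
        return;
    }

    $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
    $tyreID = (int)$f['tyreID'];
    $offerID = (int)$f['id'];

    $tyreOfferTr = '';
    $tiers = ['b' => 'Budget Tyre', 'm' => 'Middle Tyre', 'p' => 'Premium Tyre'];
    foreach ($tiers as $tier => $label) {
        $recommended = ((string)$f['recommendedType'] === $tier);
        $trColor = $recommended ? 'style="background-color:#ffd7d7; font-weight:bold;"' : '';
        $recommendedButton = $recommended ? '<input type="button" class="redButton" value="Recommended" disabled />' : '';

        // A tier can be accepted only when all five of its columns are filled in.
        $complete = true;
        foreach (['size_', 'brand_', 'price_', 'model_', 'count_'] as $column) {
            if ((string)$f[$column.$tier] === '') {
                $complete = false;
            }
        }
        $acceptButton = '';
        if ($complete) {
            $acceptButton = '<input type="button" class="greenButton acceptButton_'.$tier.$tyreID.' acceptButton'.$tyreID.'" value="Accept" onclick="acceptOffer('.$tyreID.', \''.$tier.'\', '.$privateCustomerID.', '.$offerID.', 0)" /> ';
        }

        $tyreOfferTr .= '<tr '.$trColor.' class="tr_'.$tier.$tyreID.'">';
        $tyreOfferTr .= '<td>'.$label.'</td>';
        $tyreOfferTr .= '<td>'.$html($f['size_'.$tier]).'</td>';
        $tyreOfferTr .= '<td>'.$html($f['price_'.$tier]).'</td>';
        $tyreOfferTr .= '<td>'.$html($f['brand_'.$tier]).'</td>';
        $tyreOfferTr .= '<td>'.$html($f['model_'.$tier]).'</td>';
        $tyreOfferTr .= '<td>'.$html($f['count_'.$tier]).'</td>';
        $tyreOfferTr .= '<td>'.$acceptButton.$recommendedButton.'</td>';
        $tyreOfferTr .= '</tr>';
    }

    $tableHtml = '<div style=" overflow:auto; ">
    <table class="admin" style="">
    <tbody class="tyreOffersTbody">
    <tr class="headAdmin" style="padding:3px;">
    <th>Offer Type</th>
    <th>Size</th>
    <th>Price</th>
    <th>Brand</th>
    <th>Model</th>
    <th>How many</th>
    <th></th>
    </tr>
    '.$tyreOfferTr.'
    </tbody>
    </table>
    </div>';

    echo json_encode(['success', $tableHtml, $privateCustomerID, $tyreID]);
}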
314
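/**
 * Place a tyre-change order for a stored-tyre customer who is not logged in.
 *
 * Reads the order from $_POST, forwards it to the management API and, once the API reports
 * success for a paid order, records it locally (tyre_offers, tyres, deliveries,
 * private_customer) and mails a confirmation. An unpaid order starts a payment session.
 *
 * Echoes one JSON array: ["empty fields"], ["customer not found"], ["already ordered"],
 * ["no work"], ["no employee"], ["api error"], ["failed"], ["success"], or
 * ["paySessionSuccess", token, url].
 *
 * Changes against the earlier version:
 *  - the field check compared with `$key = 'email'` (an assignment, always truthy), so no
 *    field was ever validated; it now compares;
 *  - service IDs must be digits before they reach SQL, and a zero service price no longer
 *    divides by zero;
 *  - with an offer, selType must be b, m or p; an unknown private customer ends the request
 *    before the API is called;
 *  - SQL is parameterised and the confirmation mail escapes interpolated values;
 *  - both paths append regNr to the customer's list only when it is not already in it.
 */
function tyreChangeDekkhotellOrderWithoutLogin() {
    $reply = function ($payload) {
        echo json_encode((array)$payload);
    };

    // NOTE(review): this check never ran before the operator fix. Confirm which fields the
    // order form may legitimately leave blank and add them to the skip list.
    foreach ($_POST as $key => $value) {
        if ($key === 'serviceIDs' || $key === 'email') { continue; }
        if (is_array($value) || p($value) == '') {
            $reply('empty fields');
            return;
        }
    }

    // Reads one posted field through p(); a missing or array-valued field counts as ''.
    $field = function ($name) {
        return p((isset($_POST[$name]) && !is_array($_POST[$name])) ? $_POST[$name] : '');
    };

    $con = dbCon();

    // Runs one prepared statement. Returns the result set for a SELECT, true for another
    // statement that succeeded, false on failure.
    // NOTE(review): p() lives in includes/functions.php (not shown). If it already SQL-escapes,
    // bound values would carry literal backslashes; drop that step from p() for bound values.
    // mysqli_stmt_get_result() needs the mysqlnd driver and returns INT columns as PHP ints.
    $run = function ($sql, $types, array $params) use ($con) {
        $stmt = mysqli_prepare($con, $sql);
        if (!$stmt) { return false; }
        $args = [$stmt, $types];
        foreach (array_keys($params) as $i) {
            $args[] = &$params[$i];
        }
        call_user_func_array('mysqli_stmt_bind_param', $args);
        if (!mysqli_stmt_execute($stmt)) { return false; }
        $result = mysqli_stmt_get_result($stmt);
        return $result ? $result : true;
    };
    // HTML-escapes a value for the mail body; existing entities are left alone.
    $html = function ($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
    };

    $regNr = $field('regNr');
    $mobile = $field('mobile');
    $date = $field('date');
    $serviceIDs = $field('serviceIDs');
    $time = $field('time');
    $price = $field('price');
    $totalTime = (int)$field('totalTime');
    $privateCustomerID = (int)$field('pCID');
    $offerID = (int)$field('offerID');
    $tyreID = (int)$field('tyreID');
    $selType = $field('selType');
    $email = $field('email');

    // NOTE(review): paymentDone and, for payNow, the payment details further down are taken
    // from the request as sent. Nothing in this function verifies them with the payment
    // provider, so the caller decides whether the order counts as paid. Likewise pCID and
    // tyreID are never checked against each other, and without an offer $price is the posted
    // value and becomes the payment amount. These need a server-side source of truth.
    $paymentDone = (int)$field('paymentDone');
    $paymentMode = $field('paymentMode');
    if ($paymentMode == 'orgNr' || $paymentMode == 'payAtShop') {
        $paymentDone = 1;
    }

    $tyreTypes = ['b' => 'Budget Tyre', 'm' => 'Middle Tyre', 'p' => 'Premium Tyre'];
    $tyreType = isset($tyreTypes[$selType]) ? $tyreTypes[$selType] : '';
    $workType = ($offerID != 0) ? 'Offer Tyre Change' : 'Tyre Change';
    $place = 'At warehouse';

    // With an offer, size, brand, model and price come from the stored offer row.
    $size = $brand = $model = '';
    if ($offerID != 0) {
        if ($tyreType === '') {
            // selType selects the offer columns; anything but b/m/p would read no price.
            $reply('failed');
            return;
        }
        $q = $run('SELECT * FROM tyre_offers WHERE id = ? AND privateCustomerID = ? AND regNr = ? AND changed = 0 AND workOrderID = 0', 'iis', [$offerID, $privateCustomerID, $regNr]);
        if (!$q) {
            $reply('failed');
            return;
        }
        if (mysqli_num_rows($q) == 0) {
            $reply('customer not found');
            return;
        }
        $offer = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $size = $offer['size_'.$selType];
        $brand = $offer['brand_'.$selType];
        $model = $offer['model_'.$selType];
        $price = $offer['price_'.$selType];
    }

    // Human-readable list of extra services, "name(count), " per service.
    $services = '';
    foreach (explode(',', (string)$serviceIDs) as $sID) {
        // Digits only: the ID used to be placed into the SQL text unquoted.
        if (!ctype_digit((string)$sID)) { continue; }
        $q = $run("SELECT * FROM misc WHERE property = 'services' AND id = ?", 'i', [(int)$sID]);
        $fs = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
        if (!$fs) { continue; }
        $servicePrice = (int)$fs['attribute2'];
        // The count is derived from the posted amount for this service.
        $totalService = ($servicePrice != 0) ? (int)$field('service'.$sID) / $servicePrice : 0;
        $services .= $fs['attribute1'].'('.$totalService.'), ';
    }

    $q = $run('SELECT * FROM private_customer WHERE id = ?', 'i', [$privateCustomerID]);
    if (!$q || mysqli_num_rows($q) == 0) {
        $reply('failed');
        return;
    }
    $customer = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
    $companyID = $customer['companyID'];
    // The stored name replaces the posted one from here on.
    $name = $customer['firstName'].' '.$customer['lastName'];

    // A missing company or customers row does not stop the order; the local delivery record
    // is skipped later when no customer ID is known.
    $orgNr = '';
    $companyName = null;
    $customerID = null;
    $q = $run('SELECT * FROM companies WHERE id = ?', 'i', [(int)$companyID]);
    if ($q && mysqli_num_rows($q) > 0) {
        $company = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $orgNr = $company['orgNr'];
        $companyName = $company['name'];
    }
    $q = $run('SELECT * FROM customers WHERE companyID = ?', 'i', [(int)$companyID]);
    if ($q && mysqli_num_rows($q) > 0) {
        $row = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $customerID = (int)$row['id'];
    }

    $deliveryID = random_string(20);
    $orderedOn = date('d/m/Y H:i');
    // The delivery time is the change slot minus 30 minutes.
    $changeTime = date('H:i', strtotime($time));
    $deliveryTime = date('H:i', strtotime($changeTime) - (60 * 30));
    $deliveryDateTable = date('d.m.Y H:i', strtotime($date.' '.$deliveryTime));

    $misc = '';
    $method = 'tyreOrderWithoutLogin';
    if ($offerID != 0) {
        $tyreLocation = null;
        $q = $run('SELECT * FROM tyres WHERE id = ?', 'i', [$tyreID]);
        if ($q && mysqli_num_rows($q) > 0) {
            $tyre = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
            $tyreLocation = $tyre['location'];
        }
        $misc = json_encode([
            'services' => $services,
            'offerID' => $offerID,
            'serviceIDs' => $serviceIDs,
            'privateCustomerID' => $privateCustomerID,
            'companyID' => $companyID,
            'companyName' => $companyName,
            'tyreLocation' => $tyreLocation,
            'tyreType' => $tyreType,
            'size' => $size,
            'brand' => $brand,
            'model' => $model,
            'price' => $price,
            'workType' => $workType,
            'place' => $place,
            'name' => $name,
            'paymentMode' => $paymentMode
        ]);
        $method = 'assignNormalTyreChangeWork';
    }

    // Payment details are forwarded only for an order reported as paid online.
    $pay = [];
    if ($paymentDone == 1 && $paymentMode == 'payNow') {
        $payFields = [
            'amount' => 'amount', 'cardNo' => 'cardNo', 'currency' => 'currency',
            'payDate' => 'payDate', 'eci' => 'eci', 'feeID' => 'feeID', 'hash' => 'hash',
            'issuerCountry' => 'issuerCountry', 'orderID' => 'orderID',
            'paymentType' => 'paymentType', 'reference' => 'reference',
            'payTime' => 'time', 'txnID' => 'txnID'
        ];
        foreach ($payFields as $target => $source) {
            $pay[$target] = $field($source);
        }
    }

    // NOTE(review): the order, including customer and payment details, travels over plain
    // http://; confirm whether the host also serves HTTPS.
    $url = 'http://***.no/management/api/functions.php';
    $postData = [
        'method' => $method,
        'workType' => $workType,
        'regNr' => $regNr,
        'name' => $name,
        'mobile' => $mobile,
        'date' => $date,
        'serviceIDs' => $serviceIDs,
        'services' => $services,
        'time' => $time,
        'price' => $price,
        'totalTime' => $totalTime,
        'offerID' => $offerID,
        'privateCustomerID' => $privateCustomerID,
        'tyreID' => $tyreID,
        'selType' => $selType,
        'misc' => $misc,
        'payDetails' => json_encode($pay),
        'paymentDone' => $paymentDone,
        'paymentMode' => $paymentMode
    ];

    $resArr = json_decode(get_web_page($url, $postData));
    if (!is_object($resArr)) {
        $reply('failed');
        return;
    }
    // Compared strictly below: with ==, {"result": true} counted as every status at once.
    $result = isset($resArr->result) ? $resArr->result : null;

    if ($result === 'success' && $paymentDone == 1) {
        if ($offerID != 0) {
            $workOrderID = isset($resArr->workOrderID) ? (int)$resArr->workOrderID : 0;
            $orderedOn = isset($resArr->orderedOn) ? (string)$resArr->orderedOn : '';
            $ok = $run('UPDATE tyre_offers SET tyreChangeDate = ?, tyreChangeTime = ?, workOrderID = ?, selectedType = ?, orderedOn = ? WHERE id = ?', 'ssissi', [$date, $time, $workOrderID, $selType, $orderedOn, $offerID]);
            if (!$ok) {
                $reply('failed');
                return;
            }
        }

        // Best effort, as before: a failure of the statements below is not reported.
        $run('UPDATE tyres SET ordered = 1, deliveryID = ? WHERE id = ?', 'si', [$deliveryID, $tyreID]);
        if ($customerID !== null) {
            $run("INSERT INTO deliveries (`id`, `deliveryID`, `orderedOn`, `customerID`, `deliveryDate`, `deliveredBy`, `totalTyres`, `tyreIDs`, `status`, `orgNr`, `deliveredOn`, `received`, `receivedBy`) VALUES (NULL, ?, ?, ?, ?, '', 1, ?, 'Processing', ?, '', 0, 0)", 'ssisss', [$deliveryID, $orderedOn, $customerID, $deliveryDateTable, (string)$tyreID, (string)$orgNr]);
        }

        // Append the registration number only when it is not in the list yet; the offer path
        // used to append unconditionally and produced duplicates.
        $q = $run('SELECT * FROM private_customer WHERE id = ?', 'i', [$privateCustomerID]);
        $current = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
        $oldRegNr = $current ? (string)$current['regNr'] : '';
        $newRegNr = $oldRegNr;
        if (strpos(strtolower($oldRegNr), strtolower((string)$regNr)) === false) {
            $newRegNr = $oldRegNr.','.$regNr;
        }
        // NOTE(review): firstName receives "firstName lastName" as read above, so the stored
        // first name grows with every order; confirm which value was intended.
        $run('UPDATE private_customer SET regNr = ?, firstName = ?, mobile = ?, email = ? WHERE id = ?', 'ssssi', [$newRegNr, $name, $mobile, $email, $privateCustomerID]);

        if ($email != '') {
            $today = date('Y/m/d H:i');
            $msg = "<html><head></head><body>\n\n"
                .'Hey '.$html($name).", <br>\n"
                ."You have successfully made a Dekkskift Dekkhotell Kunde order. <br><br>\n\n"
                ."Details of order are:<br>\n"
                .'Customer Name: <b> '.$html($name)." </b><br>\n"
                .'Mobile: <b> '.$html($mobile)."</b><br>\n"
                .'Reg Nr: <b>'.$html($regNr)."</b> <br>\n"
                .'Additional Services: <b>'.$html($services)."</b><br>\n"
                .'Date & Time of tyre change: <b>'.$html($date.' '.$time)." </b> <br>\n"
                .'Ordered On: <b>'.$today."</b><br>\n";
            if ($offerID != 0) {
                $msg .= 'Offer Type: <b>'.$html($tyreType)."</b><br>\n"
                    .'Price: <b>Kr '.$html($price)."</b><br>\n";
            }
            $msg .= '</body></html>';

            mailSend([
                'to' => $email,
                'toName' => $name,
                'subject' => 'Successfully place your order',
                'body' => $msg
            ]);
        }

        $reply('success');
        return;
    }

    if ($result === 'success' && $paymentDone == 0) {
        // The order is parked in the session and a payment session is opened for it.
        $orderID = random_string(10);
        $postData['orderID'] = $orderID;
        $_SESSION['pD'] = $postData;

        $response = makePayment([
            'orderID' => $orderID,
            'amount' => (int)$price * 100,
            'acceptURL' => 'https://example.org/accept',
            'cancelURL' => 'https://example.org/cancel',
            'callbackURL' => 'https://example.org/callback'
        ]);
        if (is_object($response) && isset($response->meta->result) && $response->meta->result) {
            $reply(['paySessionSuccess', $response->token, $response->url]);
        } else {
            $reply('api error');
        }
        return;
    }

    // Statuses the API may return that are passed through to the client unchanged.
    $passThrough = ($offerID != 0) ? ['already ordered'] : ['already ordered', 'no work', 'no employee'];
    if (in_array($result, $passThrough, true)) {
        $reply($result);
        return;
    }

    $reply('failed');
}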
723
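/**
 * List a logged-in customer's tyres by status ('ordered', 'delivered' or 'stored') as table rows.
 *
 * Echoes ["no customer"], ["invalid type"], ["no result"] or ["success", rowsHtml].
 *
 * Changes against the earlier version: queries are parameterised, cell values are
 * HTML-escaped, the registration-number link is URL-encoded and its query separators are
 * written as &amp;, and the three copies of the row markup are one helper.
 */
function fetchTyresDekkhotellOrderStatus() {
    // NOTE(review): debug stub. It prints the handler name and ends the request, so nothing
    // below runs. It is kept because removing it would switch the endpoint back on; decide
    // that deliberately.
    die(print_r('fetchTyresDekkhotellOrderStatus'));

    if (!customerLoggedIn()) {
        echo json_encode(['no customer']);
        return;
    }

    $con = dbCon();
    $type = (isset($_POST['type']) && !is_array($_POST['type'])) ? p($_POST['type']) : '';
    $orgNr = p($_SESSION['orgNr']);

    if (!in_array($type, ['ordered', 'delivered', 'stored'], true)) {
        echo json_encode(['invalid type']);
        return;
    }

    // Runs one prepared statement; returns the result set, or false on any failure.
    // NOTE(review): needs the mysqlnd driver; see p() in includes/functions.php before
    // binding values it has already escaped.
    $run = function ($sql, $types, array $params) use ($con) {
        $stmt = mysqli_prepare($con, $sql);
        if (!$stmt) { return false; }
        $args = [$stmt, $types];
        foreach (array_keys($params) as $i) {
            $args[] = &$params[$i];
        }
        call_user_func_array('mysqli_stmt_bind_param', $args);
        if (!mysqli_stmt_execute($stmt)) { return false; }
        return mysqli_stmt_get_result($stmt);
    };
    $html = function ($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', false);
    };

    // Renders one tyre as a table row.
    $renderRow = function ($f, $onClick) use ($html) {
        $id = (int)$f['id'];
        $washed = ($f['washed'] == 1) ? 'Yes' : 'No';
        // NOTE(review): createDataAttr() is defined elsewhere and its output lands in an
        // unquoted attribute; confirm that it quotes and escapes what it returns.
        $rowArray = createDataAttr($f);
        $regNr = (string)$f['regNr'];

        $tr = '<tr '.$onClick.' class="customerTR" data-tyreid="'.$id.'" data-rowarray='.$rowArray.'>';
        $tr .= '<td>'.$html($f['filed']).'</td>';
        $tr .= '<td>'.$html($f['department']).'</td>';
        $tr .= '<td onclick=""><a href="?p=privateCustomer&amp;assign=1&amp;regNr='.$html(urlencode($regNr)).'">'.$html($regNr).'</a></td>';
        $tr .= '<td>'.$html($f['location']).'</td>';
        $tr .= '<td>'.$html($f['tyreSize']).'</td>';
        $tr .= '<td>'.$html($f['pattern']).'</td>';
        $tr .= '<td>'.$html($f['season']).'</td>';
        $tr .= '<td>'.$washed.'</td>';
        $tr .= '<td>'.$html($f['condition']).'</td>';
        $tr .= '<td><span class="link" onclick="showOrderDetails('.$id.');">Order Details</span></td>';
        $tr .= '<td></td>';
        $tr .= '</tr>';
        return $tr;
    };

    $tr = '';
    if ($type === 'stored') {
        $q = $run('SELECT * FROM tyres WHERE orgNr = ? AND stored = 1 ORDER BY id DESC', 's', [$orgNr]);
        if (!$q || mysqli_num_rows($q) == 0) {
            echo json_encode(['no result']);
            return;
        }
        foreach (mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
            // Stored tyres can be added to an order by clicking the row.
            $tr .= $renderRow($f, 'onclick="addOrder(this)"');
        }
    } else {
        if ($type === 'ordered') {
            $q = $run("SELECT deliveryID FROM deliveries WHERE orgNr = ? AND deliveredBy = 0 AND deliveredOn = ''", 's', [$orgNr]);
        } else {
            // NOTE(review): orderedOn is compared as text in d/m/Y H:i form, which does not
            // sort chronologically; the three-month window needs a real date column.
            $lastThreeMonths = date('d/m/Y H:i', strtotime('-3 month'));
            $q = $run("SELECT deliveryID FROM deliveries WHERE orgNr = ? AND deliveredBy != 0 AND deliveredOn != '' AND orderedOn >= ?", 'ss', [$orgNr, $lastThreeMonths]);
        }
        if (!$q) {
            echo json_encode(['no result']);
            return;
        }
        // No matching delivery yields ["success", ""], as before.
        foreach (mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $delivery) {
            $tq = $run('SELECT * FROM tyres WHERE deliveryID = ? ORDER BY id DESC', 's', [$delivery['deliveryID']]);
            // As before: one delivery without tyres ends the whole listing.
            if (!$tq || mysqli_num_rows($tq) == 0) {
                echo json_encode(['no result']);
                return;
            }
            // Only the newest tyre of each delivery is listed.
            $tr .= $renderRow(mysqli_fetch_array_n($tq, MYSQLI_ASSOC), '');
        }
    }

    echo json_encode(['success', $tr]);
}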
875
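/**
 * Return the bookable time slots for a date, order type and set of extra services.
 *
 * Reads $_POST orderType, date, day and serviceIDs, collects the configured slots for the
 * weekday, and asks the management API which of them are free for the summed work time.
 * Echoes ["closed"], ["failed"] or ["success", data, totalTime].
 *
 * Changes against the earlier version: queries are parameterised, service IDs must be digits
 * before they reach SQL, missing fields and malformed slot entries no longer raise notices,
 * and the API status is compared strictly.
 */
function getTimeSlots() {
    // Reads one posted field through p(); a missing or array-valued field counts as ''.
    $field = function ($name) {
        return p((isset($_POST[$name]) && !is_array($_POST[$name])) ? $_POST[$name] : '');
    };

    $con = dbCon();

    // Runs one prepared statement; returns the result set, or false on any failure.
    // NOTE(review): p() lives in includes/functions.php (not shown). If it already SQL-escapes,
    // bound values would carry literal backslashes; drop that step from p() for bound values.
    // mysqli_stmt_get_result() needs the mysqlnd driver.
    $run = function ($sql, $types, array $params) use ($con) {
        $stmt = mysqli_prepare($con, $sql);
        if (!$stmt) { return false; }
        $args = [$stmt, $types];
        foreach (array_keys($params) as $i) {
            $args[] = &$params[$i];
        }
        call_user_func_array('mysqli_stmt_bind_param', $args);
        if (!mysqli_stmt_execute($stmt)) { return false; }
        return mysqli_stmt_get_result($stmt);
    };

    $orderType = $field('orderType');
    $date = $field('date');
    $day = $field('day');
    $serviceIDs = $field('serviceIDs');
    $currentTime = date('Hi');
    $currentDate = date('Y/m/d');

    // A date listed as an off date is closed.
    $q = $run("SELECT * FROM misc WHERE property = 'offDate' AND attribute1 = ?", 's', [$date]);
    if ($q && mysqli_num_rows($q) > 0) {
        echo json_encode(['closed']);
        return;
    }

    // Work time: attribute3 of each selected service plus attribute3 of the order type.
    $totalTime = 0;
    foreach (explode(',', (string)$serviceIDs) as $sid) {
        // Digits only: the ID used to be placed into the SQL text unquoted.
        if (!ctype_digit((string)$sid) || (int)$sid === 0) { continue; }
        $sq = $run("SELECT * FROM misc WHERE property = 'services' AND id = ?", 'i', [(int)$sid]);
        $fs = $sq ? mysqli_fetch_array_n($sq, MYSQLI_ASSOC) : null;
        if (!$fs) { continue; }
        $totalTime += (int)trim((string)$fs['attribute3']);
    }

    $wq = $run("SELECT * FROM misc WHERE property = 'workPriceWithoutLogin' AND attribute1 = ?", 's', [$orderType]);
    $fw = $wq ? mysqli_fetch_array_n($wq, MYSQLI_ASSOC) : null;
    if ($fw) {
        $totalTime += (int)$fw['attribute3'];
    }

    // Slots for the weekday are stored as a comma-separated list of HH:MM values.
    $timeSlots = [];
    $q = $run("SELECT * FROM misc WHERE property = 'timesForNormalTyreChangeOrder' AND attribute1 = ?", 's', [$day]);
    if ($q && mysqli_num_rows($q) > 0) {
        $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        if ($f['attribute2'] == '') {
            echo json_encode(['closed']);
            return;
        }
        foreach (explode(',', $f['attribute2']) as $slot) {
            $parts = explode(':', $slot);
            if (count($parts) < 2) { continue; } // not in HH:MM form
            $compact = $parts[0].$parts[1];
            // Slots earlier than now are dropped when the requested date is today.
            if ($currentTime > $compact && $currentDate == $date) { continue; }
            $timeSlots[] = $compact.'/'.$slot;
        }
    }
    if (count($timeSlots) == 0) {
        echo json_encode(['closed']);
        return;
    }

    sort($timeSlots);

    // NOTE(review): plain-http:// call; confirm whether the host also serves HTTPS.
    $url = 'http://***.no/management/api/functions.php';
    $postData = [
        'method' => 'checkAvailableTimeSlots',
        'workType' => $orderType,
        'date' => $date,
        'totalTime' => $totalTime,
        'timeSlots' => json_encode($timeSlots)
    ];
    $resArr = json_decode(get_web_page($url, $postData));

    if (is_object($resArr) && isset($resArr->result) && $resArr->result === 'success') {
        $data = isset($resArr->data) ? $resArr->data : null;
        echo json_encode(['success', $data, $totalTime]);
        return;
    }

    echo json_encode(['failed']);
}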
991
/**
 * Emit the bookable extra services as an HTML fragment.
 *
 * Reads every `misc` row with property='services' and echoes
 * json_encode(['success', $html]). Rows whose attribute1 (used as the label)
 * is empty are skipped. attribute2 is used as the price and attribute4 as the
 * upper bound of the per-service quantity selector; both are cast to int.
 *
 * When the query yields no rows nothing is echoed at all (the 'failed'
 * response is disabled), so the caller receives an empty body.
 *
 * NOTE(review): attribute1 and id are concatenated into markup and inline
 * event handlers without output encoding. That is only safe if everyone who
 * can write to `misc` is trusted, or if the values are encoded before they
 * are stored. Confirm, or encode them here.
 */
function getServices() {
    $con = dbCon();

    $result = mysqli_query($con, "SELECT * FROM misc WHERE property='services'");
    if (!(mysqli_num_rows($result) > 0)) {
        //$r = ['failed'];
        //echo json_encode($r);
        //return;
        return;
    }

    $html = '';
    foreach (mysqli_fetch_all_n($result, MYSQLI_ASSOC) as $f) {
        if ($f['attribute1'] == '') {
            continue;
        }

        // Quantity selector: one <option> per value from 1 up to attribute4.
        $limit = (int)$f['attribute4'];
        $maxNumOptions = '';
        $n = 1;
        while ($n <= $limit) {
            $maxNumOptions .= '<option value="'.$n.'">'.$n.'</option>';
            $n++;
        }

        $price = (int)$f['attribute2'];
        $html .= '<div class="inactiveService service'.$f['id'].'" onclick="saveService('.$f['id'].', '.$price.')" data-price="'.$price.'">
 '.$f['attribute1'].'
 <div style="display:inline-block; font-size:12px; margin:0px 0px 0px 10px; padding:0px 10px 0px 10px; border-left:1px solid #ccc; border-right:1px solid #ccc;">
 Kr '.$price.'
 </div>
 <select id="maxNum'.$f['id'].'" class="maxNum" data-id="'.$f['id'].'" data-price="'.$price.'" onchange="saveMaxNum('.$f['id'].','.$price.')" onclick="saveService(0,0)" style="color:#333; display:inline-block; margin-left:5px; border:none;">
 '.$maxNumOptions.'
 </select>
 </div>';
    }

    echo json_encode(['success', $html]);
    return;
}
1029
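/**
 * Authenticate a private or company customer and bind the session to it.
 *
 * Reads POST `username`, `password` and `customerType` (0 = private customer,
 * any other value = company customer). Echoes one JSON array:
 *   ['empty fields']            - a submitted field is empty after p()
 *   ['privateCustomerSuccess']  - private customer authenticated
 *   ['success']                 - company customer authenticated
 *   ['incorrect']               - no matching account
 *
 * Changes from the earlier version:
 *  - the session id is regenerated before the identity is stored, so a
 *    session id known before login is not carried into the authenticated
 *    session;
 *  - the regNr comparison is strict, so numeric-looking strings are not
 *    compared by numeric value;
 *  - companyID is cast to int before it is interpolated unquoted into SQL;
 *  - a failed query no longer reaches mysqli_num_rows().
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
 * password_hash()/password_verify() needs a stored-hash migration and is not
 * done here.
 * NOTE(review): the string values placed in the SQL below rely entirely on
 * p() for escaping; p() is defined elsewhere. Confirm it escapes for this
 * connection, or move these lookups to prepared statements.
 */
function loginCustomer() {
    foreach ($_POST as $key => $value) {
        if (p($value) == '') {
            echo json_encode(['empty fields']);
            return;
        }
    }
    $con = dbCon();

    $username = p($_POST['username']);
    $password = md5(p($_POST['password']));
    $customerType = (int)p($_POST['customerType']);

    if ($customerType == 0) {
        // private customer
        $q = mysqli_query($con, "SELECT * FROM private_customer WHERE (username='$username' OR regNr LIKE '%$username%') AND password='$password'");
        if ($q && mysqli_num_rows($q) > 0) {
            $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);

            // The LIKE above is only a pre-filter: regNr holds a comma-separated
            // list, so the submitted value must equal one whole entry.
            // NOTE(review): only the first matching row is examined, and a row
            // matched through username='...' passes only if the submitted value
            // also equals one of its regNr entries. Revisit if login by
            // username is meant to work.
            $foundUser = false;
            foreach (explode(',', $f['regNr']) as $regNr) {
                if ($regNr == '' || $regNr == 'undefined' || $regNr == ' ') {
                    continue;
                }
                if ((string)$username === (string)$regNr) {
                    $foundUser = true;
                    break;
                }
            }

            if ($foundUser) {
                session_regenerate_id(true);
                $_SESSION['privateCustomerID'] = $f['id'];
                echo json_encode(['privateCustomerSuccess']);
                return;
            }
        }
    } else {
        // company customer
        $q = mysqli_query($con, "SELECT * FROM customers WHERE username='$username' AND password='$password'");
        if ($q && mysqli_num_rows($q) > 0) {
            $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
            $companyID = (int)$f['companyID'];

            $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$companyID"), MYSQLI_ASSOC);
            $orgNr = $fc['orgNr'];

            session_regenerate_id(true);
            $_SESSION['orgNr'] = $orgNr;
            $_SESSION['customerID'] = $f['id'];
            echo json_encode(['success']);
            return;
        }
    }

    echo json_encode(['incorrect']);
    return;
}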
1092
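/**
 * Place a tyre change / balancing / repair order for a visitor without an account.
 *
 * Reads the order from POST, forwards it to the management API and then either
 * confirms the order (optionally e-mailing a receipt) or opens a payment
 * session. Echoes one JSON array:
 *   ['empty fields'], ['success'], ['paySessionSuccess', token, url],
 *   ['api error'], ['already ordered'], ['no work'], ['no employee'], ['failed'].
 *
 * Changes from the earlier version:
 *  - service ids are cast to int before they are interpolated unquoted into
 *    SQL and into the `service<ID>` POST key;
 *  - a service that does not exist or has a price of 0 is skipped instead of
 *    dividing by zero;
 *  - an unknown workType returns ['failed'] instead of forwarding an
 *    undefined value;
 *  - the payment-session response is checked before its fields are read.
 *
 * NOTE(review): paymentDone, paymentMode, price and every payment field come
 * from the request body. Nothing in this function checks them against the
 * payment provider or a server-side price, so the "paid" state forwarded to
 * the backend is only as trustworthy as the client. Verify the transaction
 * server-side (for example in the provider callback) before an order is
 * treated as paid.
 * NOTE(review): the management API is called over plain http:// and the
 * payload carries customer contact data and payment details. Use TLS for it.
 * NOTE(review): the receipt e-mail interpolates request values into HTML;
 * that is only safe if p() encodes for HTML. Confirm.
 */
function tyreOrderWithoutLogin() {
    $optionalFields = ['serviceIDs', 'email', 'orgNr'];
    foreach ($_POST as $key => $value) {
        // Strict match: a numeric POST key must not compare equal to a field name.
        if (in_array((string)$key, $optionalFields, true)) {
            continue;
        }
        if (p($value) == '') {
            echo json_encode(['empty fields']);
            return;
        }
    }
    $con = dbCon();

    $regNr = p($_POST['regNr']);
    $name = p($_POST['name']);
    $mobile = p($_POST['mobile']);
    $date = p($_POST['date']);
    $type = p($_POST['workType']);
    $serviceIDs = p($_POST['serviceIDs']);
    $time = p($_POST['time']);
    $price = p($_POST['price']);
    $totalTime = (int)p($_POST['totalTime']);
    $email = p($_POST['email']);
    $paymentDone = (int)p($_POST['paymentDone']);
    $paymentMode = p($_POST['paymentMode']);
    $orgNr = p($_POST['orgNr']);

    // These two modes need no online payment, so the order counts as settled.
    if ($paymentMode == 'orgNr' || $paymentMode == 'payAtShop') {
        $paymentDone = 1;
    }

    $workTypes = [
        'tyreChange' => 'Tyre Change',
        'tyreBalancing' => 'Tyre Balancing',
        'tyreRepair' => 'Tyre Repair',
    ];
    if (!isset($workTypes[(string)$type])) {
        echo json_encode(['failed']);
        return;
    }
    $workType = $workTypes[(string)$type];

    // Build the readable "name(quantity), " list of additional services.
    $services = '';
    if ($serviceIDs != '') {
        foreach (explode(',', $serviceIDs) as $rawID) {
            $sID = (int)$rawID;   // '' and 'undefined' become 0 and are skipped
            if ($sID <= 0) {
                continue;
            }
            $fs = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM misc WHERE property='services' AND id=$sID"), MYSQLI_ASSOC);
            if (!is_array($fs)) {
                continue;
            }
            $servicePrice = (int)$fs['attribute2'];
            if ($servicePrice == 0) {
                // The quantity is derived as paid amount / unit price, which
                // cannot be computed for a zero price.
                continue;
            }
            $paidForService = isset($_POST['service'.$sID]) ? (int)p($_POST['service'.$sID]) : 0;
            $totalService = $paidForService / $servicePrice;
            $services .= $fs['attribute1'].'('.$totalService.'), ';
        }
    }

    $pay = array();
    if ($paymentDone == 1 && $paymentMode == 'payNow') {
        $payFields = [
            'amount', 'cardNo', 'currency', 'payDate', 'eci', 'feeID', 'hash',
            'issuerCountry', 'orderID', 'paymentType', 'reference', 'payTime', 'txnID',
        ];
        foreach ($payFields as $field) {
            $pay[$field] = p($_POST[$field]);
        }
    }

    $url = 'http://***.no/management/api/functions.php';
    $postData = [
        'method' => 'tyreOrderWithoutLogin',
        'workType' => $workType,
        'regNr' => $regNr,
        'name' => $name,
        'mobile' => $mobile,
        'date' => $date,
        'serviceIDs' => $serviceIDs,
        'services' => $services,
        'time' => $time,
        'price' => $price,
        'totalTime' => $totalTime,
        'paymentDone' => $paymentDone,
        'paymentDetails' => json_encode($pay),
        'paymentMode' => $paymentMode,
        'orgNr' => $orgNr
    ];

    $resArr = json_decode(get_web_page($url, $postData));
    if (!is_object($resArr)) {
        echo json_encode(['failed']);
        return;
    }
    $result = isset($resArr->result) ? $resArr->result : '';

    if ($result == 'success' && $paymentDone == 1) {
        if ($email != '') {
            $today = date('Y/m/d H:i');
            $msg = '<html><head></head><body>

 Hey '.$name.', <br>
 You have successfully made a '.$workType.' order. <br><br>

 Details of order are:<br>
 Customer Name: <b> '.$name.' </b><br>
 Mobile: <b> '.$mobile.'</b><br>
 Reg Nr: <b>'.$regNr.'</b> <br>
 Additional Services: <b>'.$services.'</b><br>
 Date & Time of tyre change: <b>'.$date.' '.$time.' </b> <br>
 Ordered On: <b>'.$today.'</b><br>
 Price: <b>Kr '.$price.'</b><br>
 </body></html>';

            $arr = array();
            $arr['to'] = $email; //'dekkhotell.***@gmail.com';
            $arr['toName'] = $name;
            $arr['subject'] = 'Successfully place your order';
            $arr['body'] = $msg;
            $mail = mailSend($arr);
        }

        echo json_encode(['success']);
        return;
    }

    if ($result == 'success' && $paymentDone == 0) {
        // PAYMENT START: open a payment session and keep the pending order in
        // the session until the provider reports back.
        $orderID = random_string(10);
        $postData['orderID'] = $orderID;
        $_SESSION['pD'] = $postData;

        $arr = [
            'orderID' => $orderID,
            'amount' => (int)$price*100,
            'acceptURL' => 'https://example.org/accept',
            'cancelURL' => 'https://example.org/cancel',
            'callbackURL' => 'https://example.org/callback'
        ];
        $response = makePayment($arr);
        if (is_object($response) && isset($response->meta->result) && $response->meta->result) {
            echo json_encode(['paySessionSuccess', $response->token, $response->url]);
            return;
        }
        echo json_encode(['api error']);
        return;
        // PAYMENT END
    }

    // These backend results are passed through to the client unchanged.
    if (in_array($result, ['already ordered', 'no work', 'no employee'], true)) {
        echo json_encode([$result]);
        return;
    }

    echo json_encode(['failed']);
    return;
}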
1271
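/**
 * Self-registration of a private customer.
 *
 * Reads the account fields from POST. If any submitted registration number is
 * already present in `private_customer`, the id of that existing row is
 * returned; otherwise a new row is inserted. Echoes one JSON array:
 *   ['empty fields'], ['success', <private customer id>], ['failed'].
 *
 * Changes from the earlier version:
 *  - the last name is now built from the name parts after the first one (the
 *    old loop never advanced its counter, so lastName always stayed empty);
 *  - username, pass and regNr must be present and non-empty (with regNr
 *    missing, the lookup ran as LIKE '%%' and matched every row);
 *  - companyID is cast to int before it is interpolated unquoted into SQL;
 *  - a failed query no longer reaches mysqli_num_rows().
 *
 * NOTE(review): this endpoint has no authentication, and on a *substring*
 * match of regNr it returns the id of an existing customer row as 'success'
 * (the earlier 'regNr exists' response is disabled). Confirm this is
 * intended, require an exact match on one list entry, and make sure every
 * endpoint that accepts this id checks ownership.
 * NOTE(review): passwords are stored as unsalted MD5; password_hash() would
 * need a stored-hash migration.
 * NOTE(review): the string values placed in the SQL below rely on p() for
 * escaping; p() is defined elsewhere. Confirm, or use prepared statements.
 */
function registerCustomer() {
    foreach ($_POST as $key => $value) {
        if (p($value) == '') {
            echo json_encode(['empty fields']);
            return;
        }
    }
    $con = dbCon();

    $username = p(isset($_POST['username']) ? $_POST['username'] : '');
    $plainPass = p(isset($_POST['pass']) ? $_POST['pass'] : '');
    $regNr = p(isset($_POST['regNr']) ? $_POST['regNr'] : '');
    // The loop above only inspects fields that were sent; these three are
    // required for the lookup and the insert to be meaningful.
    if ($username == '' || $plainPass == '' || $regNr == '') {
        echo json_encode(['empty fields']);
        return;
    }
    $password = md5($plainPass);

    $mobile = p($_POST['mobile']);
    $name = p($_POST['name']);
    $email = p($_POST['email']);
    $postCode = p($_POST['postCode']);
    $address = p($_POST['address']);
    $city = p($_POST['city']);

    // First word is the first name, the remaining words form the last name.
    $nameParts = array();
    foreach (explode(' ', (string)$name) as $part) {
        if ($part !== '') {
            $nameParts[] = $part;
        }
    }
    $firstName = isset($nameParts[0]) ? $nameParts[0] : '';
    $lastName = implode(' ', array_slice($nameParts, 1));

    // regNr may be one number or a comma-separated list; check each entry.
    foreach (explode(',', $regNr) as $rn) {
        if ($rn == '') {
            continue;
        }
        $q = mysqli_query($con, "SELECT * FROM private_customer WHERE regNr LIKE '%$rn%'");
        if ($q && mysqli_num_rows($q) > 0) {
            $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
            $privateCustomerID = $f['id'];
            //$r = ['regNr exists'];
            echo json_encode(['success', $privateCustomerID]);
            return;
        }
    }

    // New private customers are attached to this company when it exists.
    $companyID = 0;
    $q = mysqli_query($con, "SELECT * FROM companies WHERE name LIKE '%Moss Dekk AS%'");
    if ($q && mysqli_num_rows($q) > 0) {
        $fc = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $companyID = (int)$fc['id'];
    }

    $q = mysqli_query($con, "INSERT INTO private_customer (`id`, `username`, `password`, `firstName`, `lastName`, `address`, `postCode`, `mobile`, `email`, `comments`, `payment`, `paymentLog`, `regNr`, `companyID`, `tyreOfferID`, `tyreID`, `orderID`) VALUES (NULL, '$username', '$password', '$firstName', '$lastName', '$address', '$postCode', '$mobile', '$email', '', '', '', '$regNr', $companyID, 0, '', 0)");
    if ($q) {
        $newPrivateCustomerID = (int)mysqli_insert_id($con);
        echo json_encode(['success', $newPrivateCustomerID]);
        return;
    }

    echo json_encode(['failed']);
    return;
}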
1372
/**
 * Report whether a username is already taken in `customers`.
 *
 * Reads POST `value` and echoes ['exists'] when at least one row has that
 * username, otherwise ['success'].
 *
 * NOTE(review): there is no login check here, so the endpoint tells any
 * caller whether a given username exists. If that is not wanted, rate-limit
 * it or restrict it to the registration flow.
 * NOTE(review): the value is placed in a quoted SQL string and relies on p()
 * (defined elsewhere) for escaping. Confirm.
 */
function checkUsername() {
    $con = dbCon();
    $value = p($_POST['value']);

    $matches = mysqli_query($con, "SELECT * FROM customers WHERE username='$value'");
    $status = (mysqli_num_rows($matches) > 0) ? 'exists' : 'success';

    echo json_encode([$status]);
    return;
}
1387
/**
 * Mark a tyre offer as changed (fitted) and stamp the time.
 *
 * Requires customerLoggedIn(). Reads POST `tyreID`, `id` (private customer
 * id) and `offerID`, all cast to int. The offer is updated only when a row
 * with that combination exists. Echoes ['no customer'], ['success'] or
 * ['failed'].
 *
 * NOTE(review): the private customer id in the existence check comes from the
 * request, not from the session, so the check ties the offer to whatever id
 * the caller sends. Confirm what customerLoggedIn() guarantees and whether
 * the offer should be bound to the logged-in account instead.
 */
function tyreChanged() {
    if (!customerLoggedIn()) {
        echo json_encode(['no customer']);
        return;
    }

    $con = dbCon();
    $tyreID = (int)p($_POST['tyreID']);
    $privateCustomerID = (int)p($_POST['id']);
    $offerID = (int)p($_POST['offerID']);
    $today = date('Y/m/d H:i');

    $updated = false;
    $offer = mysqli_query($con, "SELECT * FROM tyre_offers WHERE id=$offerID AND privateCustomerID=$privateCustomerID AND tyreID=$tyreID");
    if (mysqli_num_rows($offer) > 0) {
        $updated = mysqli_query($con, "UPDATE tyre_offers SET changed=1, changedOn = '$today' WHERE id=$offerID");
    }

    echo json_encode([$updated ? 'success' : 'failed']);
    return;
}
1410
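/**
 * Suggest private customers of the logged-in customer's company whose
 * username contains the typed text.
 *
 * Reads POST `value`. Echoes ['no customer'], ['success', <table rows>] or
 * ['not found']. Each row carries the customer's details as JSON in a
 * `data-info` attribute.
 *
 * Changes from the earlier version:
 *  - a customerLoggedIn() guard was added, matching the sibling handlers that
 *    read $_SESSION['customerID']; without it the function read an unset
 *    session key and built a query from it;
 *  - companyID is cast to int before it is interpolated unquoted into SQL;
 *  - the username printed into the table cell is HTML-encoded (existing
 *    entities are left alone), as the data-info attribute already was;
 *  - a failed query no longer reaches mysqli_num_rows().
 *
 * NOTE(review): an empty `value` turns the filter into LIKE '%%', which
 * returns every private customer of the company including address, e-mail
 * and mobile. Consider a minimum length and a row limit.
 * NOTE(review): `value` is placed in a quoted SQL string and relies on p()
 * (defined elsewhere) for escaping. Confirm.
 */
function suggestUsername() {
    if (!customerLoggedIn()) {
        echo json_encode(['no customer']);
        return;
    }

    $con = dbCon();
    $value = p($_POST['value']);

    $customerID = (int)$_SESSION['customerID'];
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    $companyID = is_array($fc) ? (int)$fc['companyID'] : 0;

    $q = mysqli_query($con, "SELECT * FROM private_customer WHERE username LIKE '%$value%' AND companyID=$companyID");
    if ($q && mysqli_num_rows($q) > 0) {
        $tr = '';
        foreach (mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
            $info = [
                'username' => $f['username'],
                'firstName' => $f['firstName'],
                'lastName' => $f['lastName'],
                'address' => $f['address'],
                'postCode' => $f['postCode'],
                'email' => $f['email'],
                'mobile' => $f['mobile'],
                'comment' => $f['comments'],
                'privateCustomerID' => $f['id']
            ];

            // double_encode=false: values that were already entity-encoded
            // before storage are not encoded a second time.
            $label = htmlspecialchars((string)$f['username'], ENT_QUOTES, 'UTF-8', false);
            $tr .= '<tr onclick="fillInfo(this)" data-info="'.htmlspecialchars(json_encode($info)).'"><td>'.$label.'</td></tr>';
        }

        echo json_encode(['success', $tr]);
        return;
    }

    echo json_encode(['not found']);
    return;
}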
1449
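/**
 * Store one price tier of a tyre offer for a private customer.
 *
 * Requires customerLoggedIn(). Reads POST `offerType`, `size`, `price`,
 * `brand`, `model`, `count`, `tyreID` and `regNr`. The private customer is
 * looked up by regNr and tyreID. An open offer (selectedType = '' and
 * changed = 0) is updated; if an offer has already been selected the call is
 * refused; otherwise a new offer row is inserted and then filled in.
 * Echoes ['no customer'], ['success'], ['already ordered'] or ['failed'].
 *
 * Changes from the earlier version:
 *  - offerType is checked against the tiers the table has columns for
 *    (size_b / size_m / size_p and so on) before it is used. It is
 *    concatenated into *column names*, where quote escaping gives no
 *    protection, so any other value now returns ['failed'];
 *  - the unused offerID read and the disabled legacy block were removed;
 *  - a failed query no longer reaches mysqli_num_rows().
 *
 * NOTE(review): the customer is found with substring LIKE matches on regNr
 * and tyreID (tyreID 1 also matches 11 or 21) and is not tied to the
 * logged-in customer's company. Confirm whether the offer should be limited
 * to customers the caller is responsible for.
 * NOTE(review): the quoted string values below rely on p() (defined
 * elsewhere) for escaping. Confirm, or use prepared statements.
 */
function saveTyreOffer() {
    if (!customerLoggedIn()) {
        echo json_encode(['no customer']);
        return;
    }

    $con = dbCon();
    $offerType = (string)p($_POST['offerType']);
    $size = p($_POST['size']);
    $price = p($_POST['price']);
    $brand = p($_POST['brand']);
    $model = p($_POST['model']);
    $count = p($_POST['count']);
    $recommendedOrderID = 0;

    $tyreID = (int)p($_POST['tyreID']);
    $regNr = p($_POST['regNr']);

    // Column-name suffix: only the tiers that exist in tyre_offers are allowed.
    if (!in_array($offerType, ['b', 'm', 'p'], true)) {
        echo json_encode(['failed']);
        return;
    }
    $setClause = "size_".$offerType."='$size', price_".$offerType."='$price', brand_".$offerType."='$brand', model_".$offerType."='$model', count_".$offerType."='$count'";

    $q = mysqli_query($con, "SELECT * FROM private_customer WHERE regNr LIKE '%$regNr%' AND tyreID LIKE '%$tyreID%' ");
    if (!$q || !(mysqli_num_rows($q) > 0)) {
        echo json_encode(['failed']);
        return;
    }
    $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
    $privateCustomerID = (int)$f['id'];

    // 1) An open offer exists: write this tier into it.
    $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE selectedType = '' AND changed=0 AND privateCustomerID=$privateCustomerID AND regNr='$regNr' AND tyreID=$tyreID");
    if ($q && mysqli_num_rows($q) > 0) {
        $q = mysqli_query($con, "UPDATE tyre_offers SET ".$setClause." WHERE privateCustomerID=$privateCustomerID AND regNr='$regNr' AND tyreID=$tyreID ");
        if ($q) {
            echo json_encode(['success']);
            return;
        }
        echo json_encode(['failed']);
        return;
    }

    // 2) A tier has already been selected and the tyres are not changed yet.
    $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE selectedType != '' AND changed=0 AND privateCustomerID=$privateCustomerID AND regNr='$regNr' AND tyreID=$tyreID");
    if ($q && mysqli_num_rows($q) > 0) {
        echo json_encode(['already ordered']);
        return;
    }

    // 3) No offer yet: create an empty row, then fill in this tier by its new id.
    $q = mysqli_query($con, "INSERT INTO tyre_offers (`id`, `privateCustomerID`, `regNr`, `tyreID`, `recommendedOrderID`, `size_b`, `price_b`, `brand_b`, `model_b`, `count_b`, `size_m`, `price_m`, `brand_m`, `model_m`, `count_m`, `size_p`, `price_p`, `brand_p`, `model_p`, `count_p`, `recommendedType`, `selectedType`, `orderedOn`, `changed`, `changedOn`, `tyreChangeDate`, `tyreChangeTime`, `workOrderID`) VALUES (NULL, $privateCustomerID, '$regNr', $tyreID, $recommendedOrderID, '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', 0, '', '', '', 0)");
    if ($q) {
        $newOfferID = (int)mysqli_insert_id($con);
        $q2 = mysqli_query($con, "UPDATE tyre_offers SET ".$setClause." WHERE id=$newOfferID");
        if ($q2) {
            echo json_encode(['success']);
            return;
        }
    }

    echo json_encode(['failed']);
    return;
}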
1538
/**
 * Mark one tier of a tyre offer as the recommended one.
 *
 * Requires customerLoggedIn(). Reads POST `regNr`, `tyreID`, `offerType` and
 * `id` (private customer id). The first tyre_offers row for tyreID + regNr
 * decides what happens: if a tier was already selected on it, a fresh empty
 * offer row is inserted; otherwise its recommendedType is set to offerType.
 * Echoes ['no customer'], ['regNr required'], ['success'] or ['failed'].
 *
 * The company of the logged-in customer is still loaded but is only used by
 * a legacy implementation that is no longer part of this function.
 *
 * NOTE(review): the private customer id written by the INSERT comes from the
 * request and is not checked against the offer or the caller's company.
 * Confirm what customerLoggedIn() guarantees.
 * NOTE(review): offerType and regNr are placed in quoted SQL strings and
 * rely on p() (defined elsewhere) for escaping. Confirm.
 */
function recommendTyreOffer() {
    if (!customerLoggedIn()) {
        echo json_encode(['no customer']);
        return;
    }

    $con = dbCon();
    $regNr = p($_POST['regNr']);
    //$offerID = (int)p($_POST['offerID']);
    $tyreID = (int)p($_POST['tyreID']);
    $offerType = p($_POST['offerType']);
    $privateCustomerID = (int)p($_POST['id']);
    $recommendedOrderID = 0;

    if ($regNr == '' || $tyreID == '' || $tyreID == '0') {
        echo json_encode(['regNr required']);
        return;
    }

    $customerID = (int)$_SESSION['customerID'];
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    $companyID = (int)$fc['companyID'];

    $offers = mysqli_query($con, "SELECT * FROM tyre_offers WHERE tyreID=$tyreID AND regNr='$regNr'");
    if (!(mysqli_num_rows($offers) > 0)) {
        echo json_encode(['failed']);
        return;
    }

    $offer = mysqli_fetch_array_n($offers, MYSQLI_ASSOC);
    $tyreOfferID = $offer['id'];

    if ($offer['selectedType'] != '') {
        // A tier was already chosen on this offer: start a new, empty offer row.
        $done = mysqli_query($con, "INSERT INTO tyre_offers (`id`, `privateCustomerID`, `regNr`, `tyreID`, `recommendedOrderID`, `size_b`, `price_b`, `brand_b`, `model_b`, `count_b`, `size_m`, `price_m`, `brand_m`, `model_m`, `count_m`, `size_p`, `price_p`, `brand_p`, `model_p`, `count_p`, `recommendedType`, `selectedType`, `orderedOn`, `changed`, `changedOn`, `tyreChangeDate`, `tyreChangeTime`, `workOrderID`) VALUES (NULL, $privateCustomerID, '$regNr', $tyreID, $recommendedOrderID, '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', 0, '', '', '', 0)");
    } else {
        $done = mysqli_query($con, "UPDATE tyre_offers SET recommendedType='$offerType' WHERE id=$tyreOfferID");
    }

    echo json_encode([$done ? 'success' : 'failed']);
    return;
}
1636
/**
 * Store the logged-in customer's reply to a private customer's request.
 *
 * Requires customerLoggedIn(). Reads POST `reply` and `id` (request id, cast
 * to int). Only a request that is still unanswered (replied=0) is updated;
 * the reply text, the current time and the session's customerID are written
 * to it. Echoes ['no customer'], ['success', <reply>] or ['failed'].
 *
 * NOTE(review): the request is selected by id alone; nothing visible here
 * ties it to the logged-in customer's company, so any logged-in customer can
 * answer any open request. Confirm that this is intended.
 * NOTE(review): `reply` is placed in a quoted SQL string and echoed back to
 * the client; both rely on p() (defined elsewhere). Confirm what it encodes.
 */
function replyPrivateCustomer() {
    if (!customerLoggedIn()) {
        echo json_encode(['no customer']);
        return;
    }

    $con = dbCon();
    $reply = p($_POST['reply']);
    $requestID = (int)p($_POST['id']);
    $today = date('Y/m/d H:i');
    $customerID = (int)$_SESSION['customerID'];

    $open = mysqli_query($con, "SELECT * FROM requests WHERE id=$requestID AND replied=0");
    if (!(mysqli_num_rows($open) > 0)) {
        echo json_encode(['failed']);
        return;
    }

    $saved = mysqli_query($con, "UPDATE requests SET reply = '$reply', replyDate='$today', replied=1, repliedBy=$customerID WHERE id=$requestID");
    if (!$saved) {
        echo json_encode(['failed']);
        return;
    }

    echo json_encode(['success', $reply]);
    return;
}
1663
1664function savePrivateCustomerDetails() {
1665 //if(!customerLoggedIn()) { $r = ['no customer']; echo json_encode($r); return; }
1666
1667 $con = dbCon();
1668 $username = p($_POST['username']);
1669 $password = p($_POST['pass']);
1670 $firstName = p($_POST['firstName']);
1671 $lastName = p($_POST['lastName']);
1672 $address = p($_POST['address']);
1673 $email = p($_POST['email']);
1674 $postCode = p($_POST['postCode']);
1675 $mobile = p($_POST['mobile']);
1676
1677 if(!isset($_POST['id'])) {
1678 // from customer section
1679 $comment = p($_POST['comment']);
1680 $regNr = p($_POST['regNr']);
1681 $paymentPrice = '';
1682 $tyreID = (int)p($_POST['tyreID']);
1683 $privateCustomerID = (int)p($_POST['privateCustomerID']);
1684 }else {
1685 // from self register
1686 $privateCustomerID = (int)p($_POST['id']);
1687 $regNrs = p($_POST['regNr']);
1688 }
1689
1690 $customerID = (int)$_SESSION['customerID'];
1691 $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
1692 $companyID = (int)$fc['companyID'];
1693
1694 if($password == '') {
1695 $passQuery = '';
1696 $password = md5($password);
1697 }else {
1698 $passQuery = ',password=\''.md5($password).'\'';
1699 $password = md5($password);
1700 }
1701
1702 if(!isset($_POST['id'])) {
1703 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE tyreID LIKE '%$tyreID%' OR id=$privateCustomerID "); //username = '$username'"); //OR regNr = '$regNr'");
1704 if(mysqli_num_rows($q) > 0 && $privateCustomerID != 0) {
1705 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
1706 $id = $f['id'];
1707 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE username='$username' AND id != $id");
1708 if(mysqli_num_rows($q) > 0) {
1709 $r = ['username exists'];
1710 echo json_encode($r);
1711 return;
1712 }
1713 $newTyreID = 1;
1714 $tyreIDs = explode(',', $f['tyreID']);
1715 foreach($tyreIDs as $tid) {
1716 if($tid == '' || $tid == '0' || $tid == 'undefinded') { continue; }
1717 if($tid == $tyreID) {
1718 $newTyreID = 0;
1719 break;
1720 }
1721 }
1722 $newRegNr = 1;
1723 $regNrs = explode(',', $f['regNr']);
1724 foreach($regNrs as $reg) {
1725 if($reg == '') { continue; }
1726 if($reg == $regNr) {
1727 $newRegNr = 0;
1728 break;
1729 }
1730 }
1731 if($newTyreID == 1 && $newRegNr == 1) {
1732 $newTyreIDs = $f['tyreID'].$tyreID.',';
1733 $newRegNr = $f['regNr'].$regNr.',';
1734 }else {
1735 $newTyreIDs = $f['tyreID'].',';
1736 $newRegNr = $f['regNr'].',';
1737 }
1738
1739 $q = mysqli_query($con, "UPDATE private_customer SET tyreID='$newTyreIDs', username='$username' ".$passQuery.", firstName='$firstName', lastName='$lastName', address='$address', postCode='$postCode', email='$email', mobile='$mobile', comments='$comment', payment='$paymentPrice', regNr='$newRegNr' WHERE id=$privateCustomerID AND companyID=$companyID");
1740 if($q) {
1741
1742 $q = mysqli_query($con, "UPDATE tyres SET privateCustomerID=$privateCustomerID WHERE id=$tyreID");
1743
1744 //$newData = array();
1745 $newData = [
1746 'username' => '<input type="hidden" id="regNr" value="'.$regNr.'" />
1747 <input type="hidden" id="tyreID" value="'.$tyreID.'" />
1748 <input type="hidden" id="privateCustomerID" value="'.$privateCustomerID.'" />
1749 <span class="field" >'.$username.'</span><input type="text" id="username" onkeyup="suggestUsername()" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$username.'"/>',
1750 'password' => '<span class="field" ></span><input type="text" id="password" class="txtInput editField" style="display:none; width:200px; padding:2px;" value=""/>',
1751 'firstName' => '<span class="field" >'.$firstName.'</span><input type="text" id="firstName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$firstName.'"/>',
1752 'lastName' => '<span class="field" >'.$lastName.'</span><input type="text" id="lastName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$lastName.'"/>',
1753 'address' => '<span class="field" >'.$address.'</span><input type="text" id="address" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$address.'"/>',
1754 'email' => '<span class="field" >'.$email.'</span><input type="text" id="email" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$email.'"/>',
1755 'postCode' => '<span class="field" >'.$postCode.'</span><input type="text" id="postCode" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$postCode.'"/>',
1756 'mobile' => '<span class="field" >'.$mobile.'</span><input type="text" id="mobile" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$mobile.'"/>',
1757 'comment' => '<span class="field" >'.$comment.'</span><input type="text" id="comment" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$comment.'"/>',
1758 'buttons' => '<input type="button" value="Edit" class="orangeButton editButton" onclick="editPrivateCustomerDetails()"> <input type="button" style="display:none;" value="Save" class="greenButton saveButton" onclick="savePrivateCustomer()"> <input type="button" value="Delete" class="redButton deleteButton" onclick="">'
1759 ];
1760
1761 $r = ['success', $newData];
1762 echo json_encode($r);
1763 return;
1764 }
1765
1766 }else {
1767 $q = mysqli_query($con, "INSERT INTO private_customer (`id`, `username`, `password`, `firstName`, `lastName`, `address`, `postCode`, `mobile`, `email`, `comments`, `payment`, `paymentLog`, `regNr`, `companyID`, `tyreOfferID`, `tyreID`, `orderID`) VALUES (NULL, '$username', '$password', '$firstName', '$lastName', '$address', '$postCode', '$mobile', '$email', '$comment', '', '', '$regNr,', $companyID, 0, '$tyreID,', 0) ");
1768 $privateCustomerID = (int)mysqli_insert_id($con);
1769 if($q) {
1770 $q = mysqli_query($con, "UPDATE tyres SET privateCustomerID=$privateCustomerID WHERE id=$tyreID");
1771
1772 //$newData = array();
1773 $newData = [
1774 'username' => '<input type="hidden" id="regNr" value="'.$regNr.'" />
1775 <input type="hidden" id="tyreID" value="'.$tyreID.'" />
1776 <input type="hidden" id="privateCustomerID" value="'.$privateCustomerID.'" />
1777 <span class="field" >'.$username.'</span><input type="text" id="username" onkeyup="suggestUsername()" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$username.'"/>',
1778 'password' => '<span class="field" ></span><input type="text" id="password" class="txtInput editField" style="display:none; width:200px; padding:2px;" value=""/>',
1779 'firstName' => '<span class="field" >'.$firstName.'</span><input type="text" id="firstName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$firstName.'"/>',
1780 'lastName' => '<span class="field" >'.$lastName.'</span><input type="text" id="lastName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$lastName.'"/>',
1781 'address' => '<span class="field" >'.$address.'</span><input type="text" id="address" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$address.'"/>',
1782 'email' => '<span class="field" >'.$email.'</span><input type="text" id="email" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$email.'"/>',
1783 'postCode' => '<span class="field" >'.$postCode.'</span><input type="text" id="postCode" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$postCode.'"/>',
1784 'mobile' => '<span class="field" >'.$mobile.'</span><input type="text" id="mobile" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$mobile.'"/>',
1785 'comment' => '<span class="field" >'.$comment.'</span><input type="text" id="comment" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$comment.'"/>',
1786 'buttons' => '<input type="button" value="Edit" class="orangeButton editButton" onclick="editPrivateCustomerDetails()"> <input type="button" style="display:none;" value="Save" class="greenButton saveButton" onclick="savePrivateCustomer()"> <input type="button" value="Delete" class="redButton deleteButton" onclick="">'
1787 ];
1788
1789 $r = ['success', $newData];
1790 echo json_encode($r);
1791 return;
1792 }else {
1793 $r = ['failed'];
1794 echo json_encode($r);
1795 return;
1796 }
1797 }
1798 }
1799 else {
1800
1801 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE username='$username' AND id != $privateCustomerID");
1802 if(mysqli_num_rows($q) > 0) {
1803 $r = ['exists'];
1804 echo json_encode($r);
1805 return;
1806 }
1807
1808 $tyreIDs = '';
1809 $regNrArr = explode(',', $regNrs);
1810 foreach($regNrArr as $nr) {
1811 if($nr == '') { continue; }
1812 $q = mysqli_query($con, "SELECT * FROM tyres WHERE regNr='$nr'");
1813 if(mysqli_num_rows($q) > 0) {
1814 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
1815 $tyreIDs .= $f['id'].',';
1816 }
1817 }
1818
1819 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE id=$privateCustomerID ");
1820 if(mysqli_num_rows($q) > 0) {
1821
1822 $q = mysqli_query($con, "UPDATE private_customer SET regNr='$regNrs', tyreID='$tyreIDs', username='$username' ".$passQuery.", firstName='$firstName', lastName='$lastName', address='$address', postCode='$postCode', mobile='$mobile', email='$email' WHERE id=$privateCustomerID AND companyID=$companyID ");
1823 if($q) {
1824 $r = ['success'];
1825 echo json_encode($r);
1826 return;
1827 }
1828 }
1829
1830 $r = ['failed'];
1831 echo json_encode($r);
1832 return;
1833
1834 }
1835}
1836
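/**
 * AJAX handler: change the delivery date of a single delivery.
 *
 * Reads `id`, `deliveryDate` and `deliveryTime` from $_POST and echoes a JSON
 * array holding one status string: 'not found', 'update error' or 'success'.
 * When no customer is logged in it echoes the plain string 'no customer'.
 *
 * Both the lookup and the update are scoped to the orgNr stored in the
 * session, the same filter searchHistory() applies when it lists a customer's
 * deliveries. Without that scope any logged-in customer could change the date
 * of any delivery simply by sending another id.
 */
function changeDeliveryDate() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }

    $con = dbCon();

    // A missing POST field is treated as empty input instead of raising an
    // undefined-index notice.
    $deliveryID = (int)p(isset($_POST['id']) ? $_POST['id'] : '');
    $date = p(isset($_POST['deliveryDate']) ? $_POST['deliveryDate'] : '');
    $time = p(isset($_POST['deliveryTime']) ? $_POST['deliveryTime'] : '');
    $newDeliveryDate = $date.' '.$time;

    // Same session value searchHistory() uses to select this customer's rows.
    $orgNr = isset($_SESSION['orgNr']) ? p($_SESSION['orgNr']) : '';
    if ($orgNr === '') {
        // No organisation in the session: nothing can belong to this caller.
        echo json_encode(['not found']);
        return;
    }

    // NOTE(review): p() is defined elsewhere, so its escaping cannot be
    // confirmed from here. The values are bound as parameters so the queries
    // no longer depend on it for SQL safety; if p() also SQL-escapes, input
    // containing quotes would be stored with the escape characters in place.
    $stmt = mysqli_prepare($con, "SELECT id FROM deliveries WHERE id=? AND orgNr=?");
    if (!$stmt) {
        echo json_encode(['update error']);
        return;
    }
    mysqli_stmt_bind_param($stmt, 'is', $deliveryID, $orgNr);
    $found = false;
    if (mysqli_stmt_execute($stmt)) {
        // store_result + num_rows works without the mysqlnd driver.
        mysqli_stmt_store_result($stmt);
        $found = mysqli_stmt_num_rows($stmt) > 0;
    }
    mysqli_stmt_close($stmt);

    if (!$found) {
        // Covers both "no such delivery" and "delivery of another organisation".
        echo json_encode(['not found']);
        return;
    }

    // NOTE(review): searchHistory() only offers the "Change Delivery Date"
    // button while status != 'Delivered' and received == 0; that rule is not
    // enforced here, and the date/time format is not validated. Confirm
    // whether either should be checked server-side.
    $stmt = mysqli_prepare($con, "UPDATE deliveries SET deliveryDate=? WHERE id=? AND orgNr=?");
    if (!$stmt) {
        echo json_encode(['update error']);
        return;
    }
    mysqli_stmt_bind_param($stmt, 'sis', $newDeliveryDate, $deliveryID, $orgNr);
    $updated = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    if (!$updated) {
        echo json_encode(['update error']);
        return;
    }

    echo json_encode(['success']);
    return;
}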
1864
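/**
 * AJAX handler: record a tyre pickup order for the logged-in customer's
 * company and notify the warehouse by e-mail.
 *
 * Reads `tyreSet`, `pickupDate` and `pickupTime` from $_POST, looks up the
 * customer (from the session) and its company, inserts a 'Pending' row into
 * pickup_orders and mails the details to the address stored in
 * warehousedetails.
 *
 * Echoes a plain string: 'no customer', 'failed' or 'success'. The mail is
 * best effort: its result does not change the response.
 */
function confirmOrderPickup() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }

    $con = dbCon();

    // A missing POST field is treated as empty input instead of raising an
    // undefined-index notice.
    $tyreSet = (int)p(isset($_POST['tyreSet']) ? $_POST['tyreSet'] : '');
    $pickupDate = p(isset($_POST['pickupDate']) ? $_POST['pickupDate'] : '');
    $pickupTime = p(isset($_POST['pickupTime']) ? $_POST['pickupTime'] : '');
    $today = date('Y/m/d H:i');

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    if (empty($fc)) {
        // The session points at a customer row that no longer exists.
        echo 'failed';
        return;
    }
    $companyID = (int)$fc['companyID'];
    $username = $fc['username'];

    $f = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$companyID"), MYSQLI_ASSOC);
    if (empty($f)) {
        // Without a company row there is no pickup address to store.
        echo 'failed';
        return;
    }
    $companyName = $f['name'];
    $phone = $f['phone'];
    $orgNr = $f['orgNr'];
    $pickupAddress = $f['address'].', '.$f['postCode'].', '.$f['city'].', '.$f['country'];

    $pickupDate = $pickupDate.' '.$pickupTime;

    // Insert into DB for reference. The address comes from the companies table
    // and was previously pasted into the SQL text unescaped, so an apostrophe
    // in an address broke (or altered) the statement; every value is now bound.
    // NOTE(review): p() is defined elsewhere; if it also SQL-escapes, a
    // pickupDate containing quotes would be stored with the escape characters.
    $stmt = mysqli_prepare($con, "INSERT INTO pickup_orders (`id`, `orderedOn`, `customerID`, `companyID`, `tyreSet`, `pickupDate`, `address`, `status`) VALUES (NULL, ?, ?, ?, ?, ?, ?, 'Pending')");
    if (!$stmt) { echo 'failed'; return; }
    mysqli_stmt_bind_param($stmt, 'siiiss', $today, $customerID, $companyID, $tyreSet, $pickupDate, $pickupAddress);
    $inserted = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    if (!$inserted) { echo 'failed'; return; }

    // Values placed in the HTML mail are encoded for HTML context. The last
    // argument (double_encode = false) leaves existing entities alone in case
    // p() already encoded the request values.
    $esc = function ($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $msg = '<html><head></head><body>

    Hey Saad, <br>
    Pickup of tyres has been ordered by a customer. <br><br>

    Details of order are:<br>
    Customer Name: <b> '.$esc($username).' </b><br>
    Company Name: <b> '.$esc($companyName).'</b><br>
    Org Nr: <b>'.$esc($orgNr).'</b> <br>
    Phone Nr: <b>'.$esc($phone).'</b><br>
    Tyre Sets: <b>'.$tyreSet.' </b> <br>
    Pickup Date: <b>'.$esc($pickupDate).'</b> <br>
    Address: <b>'.$esc($pickupAddress).'</b><br>
    Ordered On: <b>'.$esc($today).'</b><br>

    </body></html>';

    // The query has no WHERE clause, so the first warehousedetails row
    // supplies the recipient address.
    $fw = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM warehousedetails"), MYSQLI_ASSOC);

    if (!empty($fw) && !empty($fw['email'])) {
        $arr = array();
        $arr['to'] = $fw['email']; //'dekkhotell.***@gmail.com';
        $arr['toName'] = 'DekkHotell - ***';
        $arr['subject'] = 'Pickup order';
        $arr['body'] = $msg;
        // Best effort: the order is already stored, so a mail failure does not
        // change the response.
        mailSend($arr);
    }

    echo 'success';
    return;
}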
1929
1930function searchHistory() {
1931 if(!customerLoggedIn()) { echo 'no customer'; return; }
1932
1933 $con = dbCon();
1934 $type = p($_POST['type']);
1935 $regNr = p($_POST['value']);
1936 $orgNr = p($_SESSION['orgNr']);
1937
1938 if($type == 'deliveryHistory') {
1939 $fetch = mysqli_fetch_all_n(mysqli_query($con, "SELECT * FROM deliveries WHERE orgNr='$orgNr'"), MYSQLI_ASSOC);
1940 $trDelivery = '';
1941 $i = 1;
1942 foreach($fetch as $f) {
1943 $tyreIDs = explode(',', $f['tyreIDs']);
1944 $tyreLoc = '';
1945 foreach($tyreIDs as $tyreID) {
1946 if($tyreID == '') { continue; }
1947 $tyreID = (int)$tyreID;
1948 $q = mysqli_query($con, "SELECT * FROM tyres WHERE id=$tyreID AND regNr LIKE '%$regNr%'");
1949 if(mysqli_num_rows($q) == 0) { continue; }
1950 $ft = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
1951 $originalRegNr = $ft['regNr'];
1952 $tyreLoc .= $ft['location'].',';
1953
1954 $customerIDDelivery = (int) $f['customerID'];
1955 $fC = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerIDDelivery"), MYSQLI_ASSOC);
1956 $customerName = $fC['username'];
1957
1958 $employeeID = $f['deliveredBy'];
1959 if($employeeID != 0) {
1960 $fe = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM employees WHERE id=$employeeID"), MYSQLI_ASSOC);
1961 $deliveredBy = $fe['name'];
1962 }else { $deliveredBy = 'None'; }
1963
1964 $customerID = $f['receivedBy'];
1965 if($customerID != 0) {
1966 $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
1967 $receivedBy = $fc['name'];
1968 //$receiveButton = '';
1969 }else {
1970 $receivedBy = 'None';
1971 //$receiveButton = '<input type="button" class="greenButton" value="Received" onclick="receivedTyre('.$f['id'].')" />';
1972 }
1973
1974 if($f['status'] != 'Delivered' && $f['received'] == 0) {
1975 $changeDeliveryDateButton = '<input type="button" class="orangeButton" value="Change Delivery Date" onclick="deliveryDateContainer('.$f['id'].')" />';
1976 }else { $changeDeliveryDateButton = ''; }
1977 if($f['status'] == 'Delivered' && $f['received'] == 0) {
1978 $receiveButton = '<input type="button" class="greenButton" value="Received" onclick="receivedTyre('.$f['id'].')" />';
1979 }else {
1980 $receiveButton = '';
1981 }
1982
1983 $trDelivery .= '<tr>';
1984 $trDelivery .= '<td>'.$i.'</td>';
1985 $trDelivery .= '<td>'.$customerName.'</td>';
1986 $trDelivery .= '<td>'.$originalRegNr.'</td>';
1987 $trDelivery .= '<td>'.$f['totalTyres'].'</td>';
1988 $trDelivery .= '<td>'.$f['orderedOn'].'</td>';
1989 $trDelivery .= '<td>'.$f['deliveryDate'].'</td>';
1990 $trDelivery .= '<td>'.$f['status'].'</td>';
1991 $trDelivery .= '<td>'.$f['deliveredOn'].'</td>';
1992 $trDelivery .= '<td>'.$deliveredBy.'</td>';
1993 $trDelivery .= '<td>'.$receivedBy.'</td>';
1994 $trDelivery .= '<td>'.$tyreLoc.'</td>';
1995 $trDelivery .= '<td>'.$receiveButton.' '.$changeDeliveryDateButton.'</td>';
1996 $trDelivery .= '</tr>';
1997 $i++;
1998 }
1999 }
2000 echo $trDelivery;
2001 return;
2002 }
2003 else if($type == 'orderHistory') {
2004 $fetch = mysqli_fetch_all_n(mysqli_query($con, "SELECT * FROM orders WHERE orgNr='$orgNr'"), MYSQLI_ASSOC);
2005 $trOrder = '';
2006 $i = 1;
2007 foreach($fetch as $f) {
2008 if(!strpos($f['tyreIDs'], ',')) { $tyreIDs = $f['tyreIDs'].','; }
2009 $tyreIDs = explode(',', $tyreIDs);
2010 foreach($tyreIDs as $tyreID) {
2011 if($tyreID == '') { continue; }
2012 $tyreID = (int)$tyreID;
2013 $q = mysqli_query($con, "SELECT * FROM tyres WHERE id=$tyreID AND regNr LIKE '%$regNr%'");
2014 if(mysqli_num_rows($q) == 0) { continue; }
2015 $ft = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
2016 $originalRegNr = $ft['regNr'];
2017
2018 $customerIDOrder = (int) $f['customerID'];
2019 $fC = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerIDOrder"), MYSQLI_ASSOC);
2020 $customerName = $fC['username'];
2021
2022 $employeeID = $f['employeeID'];
2023 $fe = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM employees WHERE id=$employeeID"), MYSQLI_ASSOC);
2024 $pickedupBy = $fe['name'];
2025
2026 $trOrder .= '<tr>';
2027 $trOrder .= '<td>'.$i.'</td>';
2028 $trOrder .= '<td>'.$customerName.'</td>';
2029 $trOrder .= '<td>'.$originalRegNr.'</td>';
2030 $trOrder .= '<td>'.$f['orderedOn'].'</td>';
2031 $trOrder .= '<td>'.$f['status'].'</td>';
2032 $trOrder .= '<td>'.$pickedupBy.'</td>';
2033 $trOrder .= '<td></td>';
2034 $trOrder .= '</tr>';
2035 $i++;
2036 }
2037 }
2038 echo $trOrder;
2039 return;
2040 }
2041 else if($type == 'pickupHistory') {
2042 $customerID = (int)$_SESSION['customerID'];
2043 $f = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
2044 $companyID = $f['companyID'];
2045
2046 $q = mysqli_query($con, "SELECT * FROM pickup_orders WHERE orderedOn LIKE '%$regNr%' AND companyID=$companyID");
2047 if(mysqli_num_rows($q) > 0) {
2048 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
2049 $td = '';
2050 $i = 1;
2051 foreach($fetch as $f) {
2052 $customerID = (int)$f['customerID'];
2053 $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
2054 $customerName = $fc['username'];
2055
2056 $td .= '<tr>';
2057 $td .= '<td>'.$i.'</td>';
2058 $td .= '<td>'.$f['orderedOn'].'</td>';
2059 $td .= '<td>'.$f['tyreSet'].'</td>';
2060 $td .= '<td>'.$customerName.'</td>';
2061 $td .= '<td>'.$f['pickupDate'].'</td>';
2062 $td .= '<td>'.$f['address'].'</td>';
2063 $td .= '<td>'.$f['status'].'</td>';
2064 $td .= '<td></td>';
2065 $td .= '</tr>';
2066 $i++;
2067 }
2068 echo $td;
2069 return;
2070 }
2071
2072 echo '';
2073 return;
2074 }
2075 else if($type == 'privateCustomer') {
2076 $con = dbCon();
2077
2078 $customerID = (int)$_SESSION['customerID'];
2079 $f = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
2080 $companyID = $f['companyID'];
2081 $orgNr = p($_SESSION['orgNr']);
2082
2083 $privateCustomerID = 0;
2084 $offerID = 0;
2085 $q = mysqli_query($con, "SELECT * FROM tyres WHERE orgNr='$orgNr' AND stored=1 AND regNr LIKE '%$regNr%' ORDER BY id DESC");
2086 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
2087 $tr = '';
2088 $totalRows = mysqli_num_rows($q);
2089
2090 foreach($fetch as $f) {
2091
2092 $tyreID = $f['id'];
2093 $deliveryID = $f['deliveryID'];
2094
2095 if($deliveryID != '') {
2096 if($totalRows == 1) {
2097 $r = ['already ordered'];
2098 echo json_encode($r);
2099 return;
2100 }
2101 continue;
2102 }
2103
2104 $regNr = $f['regNr'];
2105
2106 /*
2107 if($f['delivered'] == 1) {
2108 $q = mysqli_query($con, "SELECT * FROM deliveries WHERE deliveryID='$deliveryID' AND received=1");
2109 if(mysqli_num_rows($q) > 0) { continue; }
2110 }
2111 */
2112
2113 $rowArray = createDataAttr($f);
2114
2115 //$rowArray = json_encode($rowArray);
2116
2117 $orderID = $f['orderID'];
2118 $q = mysqli_query($con, "SELECT * FROM orders WHERE orderID='$orderID'");
2119 $fo = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
2120 $orderType = $fo['type'];
2121
2122 $deliveryOrdered = 0;
2123 $qd = mysqli_query($con, "SELECT * FROM deliveries WHERE deliveryID='$deliveryID' AND tyreIDs LIKE '%$tyreID%'");
2124 if(mysqli_num_rows($qd) > 0) {
2125 $deliveryOrdered = 1;
2126 }
2127
2128 if($f['ordered'] == 1 && $deliveryOrdered == 0) {
2129 $orderButton = '<span class="link" onclick="showOrderDetails('.$f['id'].');">Order Details</span>';
2130 //$onClick = 'onclick="addOrder(this)"';
2131
2132 //if($orderType == 'order') {
2133 // $orderButton = '';
2134 // $onClick = 'onclick="addOrder(this)"';
2135 //}
2136 }
2137 else if($deliveryOrdered == 1) {
2138 $orderButton = '<span class="link" onclick="showOrderDetails('.$f['id'].');">Order Details</span>';
2139 //$onClick = '';
2140 }
2141
2142 $onClick = 'onclick="$(\'#regNrSearch\').val(\''.$f['regNr'].'\');"';
2143
2144 if($f['washed'] == 1) { $washed = 'Yes'; } else { $washed = 'No'; }
2145
2146 $orderTyreButton = '<input type="button" class="greenButton orderTyreButton" data-regnr="'.$f['regNr'].'" style="border-radius:5px; padding:0px 5px;" onclick="redirectForOrderTyre(this)" value="Order Tyre" />';
2147
2148 $tr .= '<tr '.$onClick.' class="customerTR" data-tyreid='.$f['id'].' data-rowarray='.$rowArray.'>';
2149 $tr .= '<td>'.$f['filed'].'</td>';
2150 //$tr .= '<td>'.$f['issued'].'</td>';
2151 $tr .= '<td>'.$f['department'].'</td>';
2152 $tr .= '<td>'.$f['regNr'].'</td>';
2153 $tr .= '<td>'.$f['location'].'</td>';
2154 $tr .= '<td>'.$f['tyreSize'].'</td>';
2155 $tr .= '<td>'.$f['pattern'].'</td>';
2156 $tr .= '<td>'.$f['season'].'</td>';
2157 $tr .= '<td>'.$washed.'</td>';
2158 $tr .= '<td>'.$f['condition'].'</td>';
2159 $tr .= '<td>'.$orderButton.'</td>';
2160 $tr .= '<td>'.$orderTyreButton.'</td>';
2161 $tr .= '</tr>';
2162
2163
2164
2165
2166 }
2167
2168 $tyreOfferTr = '';
2169 $tyreOffers = array();
2170 $requestsTr = '';
2171 $privateCustomerDetails = '';
2172 $arr = array();
2173 if($tr != '' && $totalRows == 1) {
2174 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE regNr LIKE '%$regNr%' AND companyID = $companyID");
2175 if(mysqli_num_rows($q) > 0) {
2176
2177 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
2178 $privateCustomerID = $f['id'];
2179
2180 $arr['username'] = '<span class="field" >'.$f['username'].'</span><input type="text" id="username" onkeyup="suggestUsername()" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['username'].'"/>';
2181 $arr['password'] = '<span class="field" ></span><input type="text" id="password" class="txtInput editField" style="display:none; width:200px; padding:2px;" value=""/>';
2182 $arr['firstName'] = '<span class="field" >'.$f['firstName'].'</span><input type="text" id="firstName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['firstName'].'"/>';
2183 $arr['lastName'] = '<span class="field" >'.$f['lastName'].'</span><input type="text" id="lastName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['lastName'].'"/>';
2184 $arr['address'] = '<span class="field" >'.$f['address'].'</span><input type="text" id="address" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['address'].'"/>';
2185 $arr['postCode'] = '<span class="field" >'.$f['postCode'].'</span><input type="text" id="postCode" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['postCode'].'"/>';
2186 $arr['mobile'] = '<span class="field" >'.$f['mobile'].'</span><input type="text" id="mobile" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['mobile'].'"/>';
2187 $arr['email'] = '<span class="field" >'.$f['email'].'</span><input type="text" id="email" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['email'].'"/>';
2188 $arr['comment'] = '<span class="field" >'.$f['comments'].'</span><input type="text" id="comment" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['comments'].'"/>';
2189 $arr['payment'] = $f['payment'];
2190 $arr['paymentLog'] = $f['paymentLog'];
2191 $arr['buttons'] = '<input type="button" value="Edit" class="orangeButton editButton" onclick="editPrivateCustomerDetails()"> <input type="button" style="display:none;" value="Save" class="greenButton saveButton" onclick="savePrivateCustomer()"> <input type="button" value="Delete" class="redButton deleteButton" onclick="">';
2192
2193 }else {
2194 $arr['username'] = '<input type="text" name="username" id="username" onkeyup="suggestUsername()" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2195 $arr['password'] = '<input type="text" name="password" id="password" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2196 $arr['firstName'] = '<input type="text" name="firstName" id="firstName" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2197 $arr['lastName'] = '<input type="text" name="lastName" id="lastName" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2198 $arr['address'] = '<input type="text" name="address" id="address" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2199 $arr['postCode'] = '<input type="text" name="postCode" id="postCode" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2200 $arr['mobile'] = '<input type="text" name="mobile" id="mobile" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2201 $arr['email'] = '<input type="text" name="email" id="email" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
2202 $arr['comment'] = '<input type="text" name="comment" id="comment" class="txtInput editField" style="margin:2px; padding:2px; width:200px;" />';
2203 $arr['payment'] = '';
2204 $arr['paymentLog'] = '';
2205 $arr['buttons'] = '<input type="button" value="Save Customer Details" class="greenButton" style="margin:3px;" onclick="savePrivateCustomer()">';
2206 }
2207
2208 $privateCustomerDetails = '
2209 <input type="hidden" id="regNr" value="'.$regNr.'" />
2210 <input type="hidden" id="tyreID" value="'.$tyreID.'" />
2211 <input type="hidden" id="privateCustomerID" value="'.$privateCustomerID.'" />
2212 <tr class="headAdmin" style="padding:3px;">
2213 <th style="border-bottom:1px solid #5981d6;">Username</th><td style="text-align:left;" class="tdUsername"> '.$arr['username'].'</td>
2214 </tr>
2215 <tr class="headAdmin" style="padding:3px;">
2216 <th style="border-bottom:1px solid #5981d6;">Password</th><td style="text-align:left;" class="tdPassword">'.$arr['password'].'</td>
2217 </tr>
2218 <tr class="headAdmin" style="padding:3px;">
2219 <th style="border-bottom:1px solid #5981d6;">First Name</th><td style="text-align:left;" class="tdFirstName">'.$arr['firstName'].'</td>
2220 </tr>
2221 <tr class="headAdmin" style="padding:3px;">
2222 <th style="border-bottom:1px solid #5981d6;">Last Name</th><td style="text-align:left;" class="tdLastName">'.$arr['lastName'].'</td>
2223 </tr>
2224 <tr class="headAdmin" style="padding:3px;">
2225 <th style="border-bottom:1px solid #5981d6;">Address</th><td style="text-align:left;" class="tdAddress">'.$arr['address'].'</td>
2226 </tr>
2227 <tr class="headAdmin" style="padding:3px;">
2228 <th style="border-bottom:1px solid #5981d6;">Post Code</th><td style="text-align:left;" class="tdPostCode">'.$arr['postCode'].'</td>
2229 </tr>
2230 <tr class="headAdmin" style="padding:3px;">
2231 <th style="border-bottom:1px solid #5981d6;">Mobile</th><td style="text-align:left;" class="tdMobile">'.$arr['mobile'].'</td>
2232 </tr>
2233 <tr class="headAdmin" style="padding:3px;">
2234 <th style="border-bottom:1px solid #5981d6;">E-mail</th><td style="text-align:left;" class="tdEmail">'.$arr['email'].'</td>
2235 </tr>
2236 <tr class="headAdmin" style="padding:3px;">
2237 <th style="border-bottom:1px solid #5981d6;">Comments</th><td style="max-width:300px; text-align:left;" class="tdComment">'.$arr['comment'].'</td>
2238 </tr>
2239 <tr class="headAdmin" style="padding:3px;">
2240 <th style="border-bottom:1px solid #5981d6;">Payment</th><td style="text-align:left;" class="tdPayment">'.$arr['payment'].'</td>
2241 </tr>
2242 <tr class="headAdmin" style="padding:3px;">
2243 <th style="border-bottom:1px solid #5981d6;">Payment Log</th><td style="text-align:left;" class="tdPayemntLog">'.$arr['paymentLog'].'</td>
2244 </tr>
2245 <tr class="headAdmin" style="padding:3px;">
2246 <th> </th>
2247 <td class="tdButtons">'.$arr['buttons'].'</td>
2248 </tr>';
2249
2250 $tyreOffers = ['size_b' => '', 'price_b' => '', 'brand_b' => '', 'model_b' => '', 'count_b' => '', 'size_m' => '', 'price_m' => '', 'brand_m' => '', 'model_m' => '', 'count_m' => '', 'size_p' => '', 'price_p' => '', 'brand_p' => '', 'model_p' => '', 'count_p' => '', 'recommendedType'=>''];
2251 if((int)$privateCustomerID != 0) {
2252 $q = mysqli_query($con, "SELECT * FROM requests WHERE privateCustomerID = $privateCustomerID AND tyreID=$tyreID ORDER BY replied ASC"); //regNr = '$regNr'
2253 if(mysqli_num_rows($q) > 0) {
2254 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
2255 foreach($fetch as $f) {
2256
2257 $offerID = $f['offerID'];
2258 $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE id=$offerID AND selectedType = ''");
2259 if(!$q || mysqli_num_rows($q) == 0) {
2260 continue;
2261 }
2262
2263 if($f['replied'] == 0) {
2264 $reply = '<td class="tdReply'.$f['id'].'" style="max-width:200px; max-height:50px; overflow:auto;"><textarea id="reply'.$f['id'].'" style="width:100px; height:30px;"></textarea></td>';
2265 $replyButton = '<td class="tdButton'.$f['id'].'"><input type="button" class="greenButton replyButton'.$f['id'].'" value="Reply" onclick="reply('.$f['id'].')" /></td>';
2266
2267 }else {
2268 $reply = '<td class="tdReply'.$f['id'].'" style="text-align:left; max-width:200px; max-height:50px; overflow:auto;">'.$f['reply'].'</td>';
2269 $replyButton = '<td></td>';
2270 }
2271
2272 $requestsTr .= '<tr>';
2273 $requestsTr .= '<td>'.$f['requestedOn'].'</td>';
2274 $requestsTr .= '<td class="tdRequest'.$f['id'].'" style="text-align:left; max-width:200px; max-height:50px; overflow:auto;">'.$f['request'].'</td>';
2275 $requestsTr .= $reply;
2276 $requestsTr .= $replyButton;
2277 $requestsTr .= '</tr>';
2278
2279 }
2280 }
2281
2282 //if($offerID != 0) {
2283 $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE selectedType = '' AND privateCustomerID=$privateCustomerID AND regNr='$regNr' AND tyreID=$tyreID"); //id=$offerID AND selectedType = ''");
2284 if(mysqli_num_rows($q) > 0) {
2285 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
2286
2287 $tyreOffers = [
2288 'size_b' => $f['size_b'],
2289 'price_b' => $f['price_b'],
2290 'brand_b' => $f['brand_b'],
2291 'model_b' => $f['model_b'],
2292 'count_b' => $f['count_b'],
2293 'size_m' => $f['size_m'],
2294 'price_m' => $f['price_m'],
2295 'brand_m' => $f['brand_m'],
2296 'model_m' => $f['model_m'],
2297 'count_m' => $f['count_m'],
2298 'size_p' => $f['size_p'],
2299 'price_p' => $f['price_p'],
2300 'brand_p' => $f['brand_p'],
2301 'model_p' => $f['model_p'],
2302 'count_p' => $f['count_p'],
2303 'recommendedType' => $f['recommendedType']
2304 ];
2305
2306 }
2307 //}
2308 }
2309
2310 $recommendedButtonB = 'display:inline-block;';
2311 $recommendedButtonM = 'display:inline-block;';
2312 $recommendedButtonP = 'display:inline-block;';
2313 if($tyreOffers['recommendedType'] == 'b') {
2314 $recommendedButtonB = 'display:none;';
2315 }else if($tyreOffers['recommendedType'] == 'm') {
2316 $recommendedButtonM = 'display:none;';
2317 }else if($tyreOffers['recommendedType'] == 'p') {
2318 $recommendedButtonP = 'display:none;';
2319 }
2320
2321 $tyreOfferTr .= '<tr>';
2322 $tyreOfferTr .= '<td>Budget Tyre</td>';
2323 $tyreOfferTr .= '<td><input type="text" id="size_b" class="txtInput" style="padding:2px; width:60px;" value="'.$tyreOffers['size_b'].'"/></td>';
2324 $tyreOfferTr .= '<td><input type="text" id="price_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['price_b'].'"/></td>';
2325 $tyreOfferTr .= '<td><input type="text" id="brand_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['brand_b'].'"/></td>';
2326 $tyreOfferTr .= '<td><input type="text" id="model_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['model_b'].'"/></td>';
2327 $tyreOfferTr .= '<td><input type="text" id="count_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['count_b'].'"/></td>';
2328 $tyreOfferTr .= '<td><input type="button" class="greenButton saveButton" value="Save" onclick="saveTyreOffer('.$tyreID.', \'b\', '.$offerID.')" /> <input type="button" class="orangeButton recommendButton_b recommendButton" style="'.$recommendedButtonB.'" value="Recommend" onclick="recommend('.$tyreID.', \'b\')"/></td>';
2329 $tyreOfferTr .= '</tr>';
2330 $tyreOfferTr .= '<tr>';
2331 $tyreOfferTr .= '<td>Middle Tyre</td>';
2332 $tyreOfferTr .= '<td><input type="text" id="size_m" class="txtInput" style="padding:2px; width:60px;" value="'.$tyreOffers['size_m'].'"/></td>';
2333 $tyreOfferTr .= '<td><input type="text" id="price_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['price_m'].'"/></td>';
2334 $tyreOfferTr .= '<td><input type="text" id="brand_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['brand_m'].'"/></td>';
2335 $tyreOfferTr .= '<td><input type="text" id="model_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['model_m'].'"/></td>';
2336 $tyreOfferTr .= '<td><input type="text" id="count_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['count_m'].'"/></td>';
2337 $tyreOfferTr .= '<td><input type="button" class="greenButton saveButton" value="Save" onclick="saveTyreOffer('.$tyreID.', \'m\', '.$offerID.')" /> <input type="button" class="orangeButton recommendButton_m recommendButton" style="'.$recommendedButtonM.'" value="Recommend" onclick="recommend('.$tyreID.', \'m\')"/></td>';
2338 $tyreOfferTr .= '</tr>';
2339 $tyreOfferTr .= '<tr>';
2340 $tyreOfferTr .= '<td>Premium Tyre</td>';
2341 $tyreOfferTr .= '<td><input type="text" id="size_p" class="txtInput" style="padding:2px; width:60px;" value="'.$tyreOffers['size_p'].'"/></td>';
2342 $tyreOfferTr .= '<td><input type="text" id="price_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['price_p'].'"/></td>';
2343 $tyreOfferTr .= '<td><input type="text" id="brand_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['brand_p'].'"/></td>';
2344 $tyreOfferTr .= '<td><input type="text" id="model_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['model_p'].'"/></td>';
2345 $tyreOfferTr .= '<td><input type="text" id="count_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['count_p'].'"/></td>';
2346 $tyreOfferTr .= '<td><input type="button" class="greenButton saveButton" value="Save" onclick="saveTyreOffer('.$tyreID.', \'p\', '.$offerID.')" /> <input type="button" class="orangeButton recommendButton_p recommendButton" style="'.$recommendedButtonP.'" value="Recommend" onclick="recommend('.$tyreID.', \'p\')"/></td>';
2347 $tyreOfferTr .= '</tr>';
2348
2349 }
2350
2351 $r = [$tr, $privateCustomerDetails, $requestsTr, $tyreOfferTr];
2352 echo json_encode($r);
2353 return;
2354 }
2355 else if($type == 'privateCustomerTyreChangeHistory') {
2356 $regNrValue = $regNr;
2357
2358 // for iterating through every privateCustomers
2359 //$q = mysqli_query($con, "SELECT * FROM private_customer WHERE regNr != '' OR tyreID != ''");
2360
2361 // for specific privateCustomer with assigned regNr
2362 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE regNr LIKE '%$regNrValue%' AND tyreID != ''");
2363 if(mysqli_num_rows($q) == 0) {
2364 $r = ['no entry'];
2365 echo json_encode($r);
2366 return;
2367 }
2368
2369 $trNormal = '';
2370 $trOffer = '';
2371 $iOffer = 1;
2372 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
2373 foreach($fetch as $f) {
2374 $privateCustomerID = $f['id'];
2375
2376 // normal tyre orders
2377
2378 $url = 'http://***.no/management/api/functions.php';
2379 $postData = ['method'=>'getNormalTyreChangeHistory', 'privateCustomerID'=>$privateCustomerID, 'regNr'=>$regNr];
2380 $response = get_web_page($url, $postData);
2381 $resObj = json_decode($response);
2382
2383 if(is_object($resObj)) {
2384 if($resObj->result == 'success') {
2385 $trNormal .= $resObj->data;
2386 }
2387 }
2388
2389 // offer tyre orders
2390 //$tr = '';
2391 $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE privateCustomerID=$privateCustomerID AND selectedType != '' AND workOrderID != 0 ORDER BY id DESC");
2392 if(mysqli_num_rows($q) > 0) {
2393
2394 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
2395 foreach($fetch as $f) {
2396
2397 $sType = $f['selectedType'];
2398 $regNr = $f['regNr'];
2399 $tyreID = $f['tyreID'];
2400 $offerID = $f['id'];
2401
2402 if($f['changed'] == 1) { $status = 'Changed'; } else { $status = '<span style="color:red;">Not Changed</span>'; }
2403
2404 if($sType == 'b') { $tyreType = 'Budget Tyre'; }
2405 else if($sType == 'm') { $tyreType = 'Middle Tyre'; }
2406 else if($sType == 'p') { $tyreType = 'Premium Tyre'; }
2407
2408 $url = 'http://***.no/management/api/functions.php';
2409 $postData = [
2410 'method'=>'getOfferTyreChangeHistory',
2411 'workOrderID'=>$f['workOrderID'],
2412 'tyreType'=>$tyreType,
2413 'regNr' => $regNr,
2414 'tyreID' => $tyreID,
2415 'privateCustomerID' => $privateCustomerID,
2416 'offerID' => $offerID,
2417 'workType' => 'Offer Tyre Change',
2418 'searchRegNr' => $regNrValue
2419 ];
2420 $response = get_web_page($url, $postData);
2421 $resArr = array();
2422 $resArr = json_decode($response);
2423 if(is_object($resArr)) {
2424 if($resArr->result == 'success') {
2425 $trOffer .= $resArr->data;
2426 }
2427 }
2428
2429 }
2430 }
2431 }
2432
2433 $r = [$trNormal, $trOffer];
2434 echo json_encode($r);
2435 return;
2436
2437 }
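else if($type == 'usernamePrivateCustomer') {
    // Search the private customers of the logged-in customer's company by a
    // username fragment. Replies with JSON ['success', <table rows>] or the
    // plain text 'no entry'.
    //
    // NOTE(review): $regNr carries the search term and is assigned before this
    // branch; the LIKE query is only injection-safe if it was SQL-escaped there.
    // Confirm, or bind it through a prepared statement.
    $username = $regNr;

    // Escapes a value for HTML text and quoted attributes. double_encode is off so
    // entities already present in stored data are not encoded twice. UTF-8 is
    // assumed, as json_encode() below needs it as well.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    // Integer cast: the id is interpolated unquoted into the queries below.
    $companyID = isset($fc['companyID']) ? (int)$fc['companyID'] : 0;
    if($companyID === 0) {
        // No session customer or no company resolved: list nothing.
        echo 'no entry';
        return;
    }

    // Options for the per-row "add RegNr" dropdown, built from stored tyres.
    // NOTE(review): only the first customer row of the company is read, so tyres
    // of the company's other customers never reach the dropdown; confirm intent.
    $regNrSelect = '';
    $customerIDs = array();
    $q = mysqli_query($con, "SELECT id FROM customers WHERE companyID=$companyID");
    if($q && mysqli_num_rows($q) > 0) {
        $first = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $customerIDs[] = (int)$first['id'];
    }

    foreach($customerIDs as $cID) {
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE customerID=$cID AND stored=1");
        if($q && mysqli_num_rows($q) > 0) {
            foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $tyre) {
                $regNrSelect .= '<option value="'.$e($tyre['regNr']).'" data-id='.(int)$tyre['id'].'>'.$e($tyre['regNr']).'</option>';
            }
        }
    }

    // Only the columns that are rendered are selected, so the password column
    // is not read at all.
    $q = mysqli_query($con, "SELECT id, companyID, username, regNr, firstName, lastName, address, postCode, mobile, email FROM private_customer WHERE companyID=$companyID AND username LIKE '%$username%'");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $tr = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $id = (int)$f['id'];

        $rowCompanyID = (int)$f['companyID'];
        $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$rowCompanyID"), MYSQLI_ASSOC);
        $company = isset($fc['name']) ? $fc['name'] : '';

        $buttons = '<input type="button" value="Edit" class="orangeButton editButton'.$id.' button'.$id.'" onclick="edit('.$id.')" />

        <input type="button" value="Save" class="greenButton saveButton'.$id.' button'.$id.'" onclick="save('.$id.')" style="display:none;" />

        <input type="button" value="Delete" class="redButton deleteButton'.$id.' button'.$id.'" onclick="deleteRow(\'private_customer\', '.$id.')" />';

        $regNrEdit = '';
        $regNrList = '';
        if($f['regNr'] != '') {
            foreach(explode(',', $f['regNr']) as $nr) {
                if($nr == '') { continue; }
                $regNrList .= $nr.',';
                // The number lands in element text, in attributes and in a JS string
                // inside onclick, so it is escaped once per context.
                $nrHtml = $e($nr);
                $nrJs = $e(json_encode((string)$nr, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP));
                $regNrEdit .= '<span id="regNrContainer'.$nrHtml.'-'.$id.'" style="background-color:#fff999; padding:2px; margin:0px 1px;">'.$nrHtml.'<i data-regnr="'.$nrHtml.'" onclick="removeRegNr('.$id.', '.$nrJs.')" class="fa fa-times editRegNrField'.$id.'" style="display:inline-block; color:red;"></i></span>';
            }
        }

        $un = $e($f['username']);
        $fn = $e($f['firstName']);
        $ln = $e($f['lastName']);
        $ad = $e($f['address']);
        $pc = $e($f['postCode']);
        $mo = $e($f['mobile']);
        $em = $e($f['email']);
        $rl = $e($regNrList);

        $tr .= '<tr>';
        $tr .= '<td>'.$i.'</td><input type="hidden" id="regNrs'.$id.'" value="'.$rl.'" />';
        $tr .= '<td><span class="txtField'.$id.'">'.$un.'</span><input type="text" id="username'.$id.'" class="editField'.$id.'" value="'.$un.'" style="display:none; width:70px;" /></td>';
        // The stored password used to be copied into this cell's title attribute,
        // which sent it to the browser; the cell now only holds the input for a
        // new password.
        $tr .= '<td><input type="text" id="password'.$id.'" class="editField'.$id.'" value="" style="display:none; width:70px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$fn.' '.$ln.'</span><input type="text" id="firstName'.$id.'" class="editField'.$id.'" value="'.$fn.'" style="display:none; width:100px;" placeholder="First Name"/><br><input type="text" id="lastName'.$id.'" class="editField'.$id.'" value="'.$ln.'" style="display:none; width:100px;" placeholder="Last Name"/></td>';
        $tr .= '<td>'.$e($company).'</td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$ad.'</span><input type="text" id="address'.$id.'" class="editField'.$id.'" value="'.$ad.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$pc.'</span><input type="text" id="postCode'.$id.'" class="editField'.$id.'" value="'.$pc.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$mo.'</span><input type="text" id="mobile'.$id.'" class="editField'.$id.'" value="'.$mo.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$em.'</span><input type="text" id="email'.$id.'" class="editField'.$id.'" value="'.$em.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;">
        <span class="txtField'.$id.'">'.$rl.'</span>
        <select class="txtInput editRegNrField'.$id.'" onchange="addRegNr('.$id.', this)" id="regNrSelect'.$id.'" style="display:none;">
        <option value=0>Select a RegNr</option>
        '.$regNrSelect.'
        </select>
        <div id="regNrContainer'.$id.'" class="editRegNrField'.$id.'" style="display:none; margin-top:5px;">
        '.$regNrEdit.'
        </div>
        </td>';
        $tr .= '<td>'.$buttons.'</td>';
        $tr .= '</tr>';
        $i++;
    }

    echo json_encode(['success', $tr]);
    return;
}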
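else if($type == 'chatHistory') {
    // List the requests (and replies) of the private customers whose username
    // matches the search term, limited to the logged-in customer's company.
    // Echoes table rows, or the plain text 'no entry' when no customer matches.
    //
    // NOTE(review): $regNr carries the search term and is assigned before this
    // branch; the LIKE query is only injection-safe if it was SQL-escaped there.
    // Confirm, or bind it through a prepared statement.
    $username = $regNr;

    // Escapes a value for HTML text and quoted attributes. double_encode is off so
    // entities already present in stored data are not encoded twice.
    // NOTE(review): assumes the stored text is UTF-8; confirm.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    // Integer cast: the id is interpolated unquoted into the query below.
    $companyID = isset($fc['companyID']) ? (int)$fc['companyID'] : 0;
    if($companyID === 0) {
        // No session customer or no company resolved: list nothing.
        echo 'no entry';
        return;
    }

    $q = mysqli_query($con, "SELECT id, firstName, lastName FROM private_customer WHERE companyID=$companyID AND username LIKE '%$username%'");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $tr = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $pc) {
        $privateCustomerID = (int)$pc['id'];
        $customerName = $pc['firstName'].' '.$pc['lastName'];

        // Separate variable names for the inner result: the original reused
        // $q/$fetch/$f inside the outer loop over the same names.
        $reqQ = mysqli_query($con, "SELECT * FROM requests WHERE privateCustomerID=$privateCustomerID ORDER BY replied ASC");
        if(!$reqQ || mysqli_num_rows($reqQ) == 0) { continue; }

        foreach(mysqli_fetch_all_n($reqQ, MYSQLI_ASSOC) as $req) {
            $reqID = (int)$req['id'];

            if($req['replied'] == 0) {
                $buttons = '<input type="button" class="orangeButton replyButton'.$reqID.'" value="Reply" onclick="reply('.$reqID.')" />
                <input type="button" class="greenButton sendButton'.$reqID.'" value="Send" onclick="send('.$reqID.')" style="display:none;"/>';
            }else { $buttons = ''; }

            // An unanswered request has no replier; an empty or NULL id would
            // otherwise produce the malformed query "... WHERE id=".
            $repliedByID = (int)$req['repliedBy'];
            $repliedBy = '';
            if($repliedByID !== 0) {
                $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$repliedByID"), MYSQLI_ASSOC);
                $repliedBy = isset($fc['username']) ? $fc['username'] : '';
            }

            // request/reply are free text stored in the database and are shown to
            // another user, so they are escaped like every other value.
            $tr .= '<tr>';
            $tr .= '<td>'.$i.'</td>';
            $tr .= '<td>'.$e($customerName).'</td>';
            $tr .= '<td>'.$e($req['regNr']).'</td>';
            $tr .= '<td>'.$e($req['requestedOn']).'</td>';
            $tr .= '<td style="max-width:250px; overflow:auto; max-height:200px;">'.$e($req['request']).'</td>';
            $tr .= '<td>'.$e($req['replyDate']).'</td>';
            $tr .= '<td>'.$e($repliedBy).'</td>';
            $tr .= '<td style="max-width:250px; overflow:auto; max-height:200px;">'.$e($req['reply']).'<textarea class="editField'.$reqID.'" style="max-width:200px; max-height:150px; display:none;" id="reply'.$reqID.'"></textarea></td>';
            $tr .= '<td>'.$buttons.'</td>';
            $tr .= '</tr>';
            $i++;
        }
    }
    echo $tr;
    return;
}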
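else if($type == 'fnamePrivateCustomer') {
    // Search the private customers of the logged-in customer's company by a
    // first-name fragment. Replies with JSON ['success', <table rows>] or the
    // plain text 'no entry'.
    //
    // NOTE(review): $regNr carries the search term and is assigned before this
    // branch; the LIKE query is only injection-safe if it was SQL-escaped there.
    // Confirm, or bind it through a prepared statement.
    $fname = $regNr;

    // Escapes a value for HTML text and quoted attributes. double_encode is off so
    // entities already present in stored data are not encoded twice. UTF-8 is
    // assumed, as json_encode() below needs it as well.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT companyID FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    // Integer cast: the id is interpolated unquoted into the queries below.
    $companyID = isset($fc['companyID']) ? (int)$fc['companyID'] : 0;
    if($companyID === 0) {
        // No session customer or no company resolved: list nothing.
        echo 'no entry';
        return;
    }

    // Options for the per-row "add RegNr" dropdown, built from stored tyres.
    // NOTE(review): only the first customer row of the company is read, so tyres
    // of the company's other customers never reach the dropdown; confirm intent.
    $regNrSelect = '';
    $customerIDs = array();
    $q = mysqli_query($con, "SELECT id FROM customers WHERE companyID=$companyID");
    if($q && mysqli_num_rows($q) > 0) {
        $first = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $customerIDs[] = (int)$first['id'];
    }

    foreach($customerIDs as $cID) {
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE customerID=$cID AND stored=1");
        if($q && mysqli_num_rows($q) > 0) {
            foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $tyre) {
                $regNrSelect .= '<option value="'.$e($tyre['regNr']).'" data-id='.(int)$tyre['id'].'>'.$e($tyre['regNr']).'</option>';
            }
        }
    }

    // Only the columns that are rendered are selected, so the password column
    // is not read at all.
    $q = mysqli_query($con, "SELECT id, companyID, username, regNr, firstName, lastName, address, postCode, mobile, email FROM private_customer WHERE companyID=$companyID AND firstName LIKE '%$fname%'");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $tr = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $id = (int)$f['id'];

        $rowCompanyID = (int)$f['companyID'];
        $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$rowCompanyID"), MYSQLI_ASSOC);
        $company = isset($fc['name']) ? $fc['name'] : '';

        $buttons = '<input type="button" value="Edit" class="orangeButton editButton'.$id.' button'.$id.'" onclick="edit('.$id.')" />

        <input type="button" value="Save" class="greenButton saveButton'.$id.' button'.$id.'" onclick="save('.$id.')" style="display:none;" />

        <input type="button" value="Delete" class="redButton deleteButton'.$id.' button'.$id.'" onclick="deleteRow(\'private_customer\', '.$id.')" />';

        $regNrEdit = '';
        $regNrList = '';
        if($f['regNr'] != '') {
            foreach(explode(',', $f['regNr']) as $nr) {
                if($nr == '') { continue; }
                $regNrList .= $nr.',';
                // The number lands in element text, in attributes and in a JS string
                // inside onclick, so it is escaped once per context.
                $nrHtml = $e($nr);
                $nrJs = $e(json_encode((string)$nr, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP));
                $regNrEdit .= '<span id="regNrContainer'.$nrHtml.'-'.$id.'" style="background-color:#fff999; padding:2px; margin:0px 1px;">'.$nrHtml.'<i data-regnr="'.$nrHtml.'" onclick="removeRegNr('.$id.', '.$nrJs.')" class="fa fa-times editRegNrField'.$id.'" style="display:inline-block; color:red;"></i></span>';
            }
        }

        $un = $e($f['username']);
        $fn = $e($f['firstName']);
        $ln = $e($f['lastName']);
        $ad = $e($f['address']);
        $pc = $e($f['postCode']);
        $mo = $e($f['mobile']);
        $em = $e($f['email']);
        $rl = $e($regNrList);

        $tr .= '<tr>';
        $tr .= '<td>'.$i.'</td><input type="hidden" id="regNrs'.$id.'" value="'.$rl.'" />';
        $tr .= '<div style="display:none;"><span class="txtField'.$id.'">'.$un.'</span><input type="text" id="username'.$id.'" class="editField'.$id.'" value="'.$un.'" style="display:none; width:70px;" /></div>';
        $tr .= '<td style="max-width:100px; overflow:auto;">'.$rl.'</td>';
        // The stored password used to be copied into this cell's title attribute,
        // which sent it to the browser; the cell now only holds the input for a
        // new password.
        $tr .= '<td><input type="text" id="password'.$id.'" class="editField'.$id.'" value="" style="display:none; width:70px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$fn.' '.$ln.'</span><input type="text" id="firstName'.$id.'" class="editField'.$id.'" value="'.$fn.'" style="display:none; width:100px;" placeholder="First Name"/><br><input type="text" id="lastName'.$id.'" class="editField'.$id.'" value="'.$ln.'" style="display:none; width:100px;" placeholder="Last Name"/></td>';
        $tr .= '<td>'.$e($company).'</td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$ad.'</span><input type="text" id="address'.$id.'" class="editField'.$id.'" value="'.$ad.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$pc.'</span><input type="text" id="postCode'.$id.'" class="editField'.$id.'" value="'.$pc.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$mo.'</span><input type="text" id="mobile'.$id.'" class="editField'.$id.'" value="'.$mo.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$em.'</span><input type="text" id="email'.$id.'" class="editField'.$id.'" value="'.$em.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;">
        <span class="txtField'.$id.'">'.$rl.'</span>
        <select class="txtInput editRegNrField'.$id.'" onchange="addRegNr('.$id.', this)" id="regNrSelect'.$id.'" style="display:none;">
        <option value=0>Select a RegNr</option>
        '.$regNrSelect.'
        </select>
        <div id="regNrContainer'.$id.'" class="editRegNrField'.$id.'" style="display:none; margin-top:5px;">
        '.$regNrEdit.'
        </div>
        </td>';
        $tr .= '<td>'.$buttons.'</td>';
        $tr .= '</tr>';
        $i++;
    }

    echo json_encode(['success', $tr]);
    return;
}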
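else if($type == 'lnamePrivateCustomer') {
    // Search the private customers of the logged-in customer's company by a
    // last-name fragment. Replies with JSON ['success', <table rows>] or the
    // plain text 'no entry'.
    //
    // NOTE(review): $regNr carries the search term and is assigned before this
    // branch; the LIKE query is only injection-safe if it was SQL-escaped there.
    // Confirm, or bind it through a prepared statement.
    $lname = $regNr;

    // Escapes a value for HTML text and quoted attributes. double_encode is off so
    // entities already present in stored data are not encoded twice. UTF-8 is
    // assumed, as json_encode() below needs it as well.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT companyID FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    // Integer cast: the id is interpolated unquoted into the queries below.
    $companyID = isset($fc['companyID']) ? (int)$fc['companyID'] : 0;
    if($companyID === 0) {
        // No session customer or no company resolved: list nothing.
        echo 'no entry';
        return;
    }

    // Options for the per-row "add RegNr" dropdown, built from stored tyres.
    // NOTE(review): only the first customer row of the company is read, so tyres
    // of the company's other customers never reach the dropdown; confirm intent.
    $regNrSelect = '';
    $customerIDs = array();
    $q = mysqli_query($con, "SELECT id FROM customers WHERE companyID=$companyID");
    if($q && mysqli_num_rows($q) > 0) {
        $first = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $customerIDs[] = (int)$first['id'];
    }

    foreach($customerIDs as $cID) {
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE customerID=$cID AND stored=1");
        if($q && mysqli_num_rows($q) > 0) {
            foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $tyre) {
                $regNrSelect .= '<option value="'.$e($tyre['regNr']).'" data-id='.(int)$tyre['id'].'>'.$e($tyre['regNr']).'</option>';
            }
        }
    }

    // Only the columns that are rendered are selected, so the password column
    // is not read at all.
    $q = mysqli_query($con, "SELECT id, companyID, username, regNr, firstName, lastName, address, postCode, mobile, email FROM private_customer WHERE companyID=$companyID AND lastName LIKE '%$lname%'");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $tr = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $id = (int)$f['id'];

        $rowCompanyID = (int)$f['companyID'];
        $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$rowCompanyID"), MYSQLI_ASSOC);
        $company = isset($fc['name']) ? $fc['name'] : '';

        $buttons = '<input type="button" value="Edit" class="orangeButton editButton'.$id.' button'.$id.'" onclick="edit('.$id.')" />

        <input type="button" value="Save" class="greenButton saveButton'.$id.' button'.$id.'" onclick="save('.$id.')" style="display:none;" />

        <input type="button" value="Delete" class="redButton deleteButton'.$id.' button'.$id.'" onclick="deleteRow(\'private_customer\', '.$id.')" />';

        $regNrEdit = '';
        $regNrList = '';
        if($f['regNr'] != '') {
            foreach(explode(',', $f['regNr']) as $nr) {
                if($nr == '') { continue; }
                $regNrList .= $nr.',';
                // The number lands in element text, in attributes and in a JS string
                // inside onclick, so it is escaped once per context.
                $nrHtml = $e($nr);
                $nrJs = $e(json_encode((string)$nr, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP));
                $regNrEdit .= '<span id="regNrContainer'.$nrHtml.'-'.$id.'" style="background-color:#fff999; padding:2px; margin:0px 1px;">'.$nrHtml.'<i data-regnr="'.$nrHtml.'" onclick="removeRegNr('.$id.', '.$nrJs.')" class="fa fa-times editRegNrField'.$id.'" style="display:inline-block; color:red;"></i></span>';
            }
        }

        $un = $e($f['username']);
        $fn = $e($f['firstName']);
        $ln = $e($f['lastName']);
        $ad = $e($f['address']);
        $pc = $e($f['postCode']);
        $mo = $e($f['mobile']);
        $em = $e($f['email']);
        $rl = $e($regNrList);

        $tr .= '<tr>';
        $tr .= '<td>'.$i.'</td><input type="hidden" id="regNrs'.$id.'" value="'.$rl.'" />';
        $tr .= '<div style="display:none;"><span class="txtField'.$id.'">'.$un.'</span><input type="text" id="username'.$id.'" class="editField'.$id.'" value="'.$un.'" style="display:none; width:70px;" /></div>';
        $tr .= '<td style="max-width:100px; overflow:auto;">'.$rl.'</td>';
        // The stored password used to be copied into this cell's title attribute,
        // which sent it to the browser; the cell now only holds the input for a
        // new password.
        $tr .= '<td><input type="text" id="password'.$id.'" class="editField'.$id.'" value="" style="display:none; width:70px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$fn.' '.$ln.'</span><input type="text" id="firstName'.$id.'" class="editField'.$id.'" value="'.$fn.'" style="display:none; width:100px;" placeholder="First Name"/><br><input type="text" id="lastName'.$id.'" class="editField'.$id.'" value="'.$ln.'" style="display:none; width:100px;" placeholder="Last Name"/></td>';
        $tr .= '<td>'.$e($company).'</td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$ad.'</span><input type="text" id="address'.$id.'" class="editField'.$id.'" value="'.$ad.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$pc.'</span><input type="text" id="postCode'.$id.'" class="editField'.$id.'" value="'.$pc.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$mo.'</span><input type="text" id="mobile'.$id.'" class="editField'.$id.'" value="'.$mo.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$em.'</span><input type="text" id="email'.$id.'" class="editField'.$id.'" value="'.$em.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;">
        <span class="txtField'.$id.'">'.$rl.'</span>
        <select class="txtInput editRegNrField'.$id.'" onchange="addRegNr('.$id.', this)" id="regNrSelect'.$id.'" style="display:none;">
        <option value=0>Select a RegNr</option>
        '.$regNrSelect.'
        </select>
        <div id="regNrContainer'.$id.'" class="editRegNrField'.$id.'" style="display:none; margin-top:5px;">
        '.$regNrEdit.'
        </div>
        </td>';
        $tr .= '<td>'.$buttons.'</td>';
        $tr .= '</tr>';
        $i++;
    }

    echo json_encode(['success', $tr]);
    return;
}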
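else if($type == 'regNrPrivateCustomer') {
    // Search the private customers of the logged-in customer's company by a
    // registration-number fragment. Replies with JSON ['success', <table rows>]
    // or the plain text 'no entry'.
    //
    // NOTE(review): $regNr (the search term) is assigned before this branch; the
    // LIKE query is only injection-safe if it was SQL-escaped there. Confirm, or
    // bind it through a prepared statement.

    // Escapes a value for HTML text and quoted attributes. double_encode is off so
    // entities already present in stored data are not encoded twice. UTF-8 is
    // assumed, as json_encode() below needs it as well.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT companyID FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    // Integer cast: the id is interpolated unquoted into the queries below.
    $companyID = isset($fc['companyID']) ? (int)$fc['companyID'] : 0;
    if($companyID === 0) {
        // No session customer or no company resolved: list nothing.
        echo 'no entry';
        return;
    }

    // Options for the per-row "add RegNr" dropdown, built from stored tyres.
    // NOTE(review): only the first customer row of the company is read, so tyres
    // of the company's other customers never reach the dropdown; confirm intent.
    $regNrSelect = '';
    $customerIDs = array();
    $q = mysqli_query($con, "SELECT id FROM customers WHERE companyID=$companyID");
    if($q && mysqli_num_rows($q) > 0) {
        $first = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $customerIDs[] = (int)$first['id'];
    }

    foreach($customerIDs as $cID) {
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE customerID=$cID AND stored=1");
        if($q && mysqli_num_rows($q) > 0) {
            foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $tyre) {
                $regNrSelect .= '<option value="'.$e($tyre['regNr']).'" data-id='.(int)$tyre['id'].'>'.$e($tyre['regNr']).'</option>';
            }
        }
    }

    // Only the columns that are rendered are selected, so the password column
    // is not read at all.
    $q = mysqli_query($con, "SELECT id, companyID, username, regNr, firstName, lastName, address, postCode, mobile, email FROM private_customer WHERE companyID=$companyID AND regNr LIKE '%$regNr%'");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $tr = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $id = (int)$f['id'];

        $rowCompanyID = (int)$f['companyID'];
        $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$rowCompanyID"), MYSQLI_ASSOC);
        $company = isset($fc['name']) ? $fc['name'] : '';

        $buttons = '<input type="button" value="Edit" class="orangeButton editButton'.$id.' button'.$id.'" onclick="edit('.$id.')" />

        <input type="button" value="Save" class="greenButton saveButton'.$id.' button'.$id.'" onclick="save('.$id.')" style="display:none;" />

        <input type="button" value="Delete" class="redButton deleteButton'.$id.' button'.$id.'" onclick="deleteRow(\'private_customer\', '.$id.')" />';

        // Kept in its own variable so the search term in $regNr is not overwritten.
        $regNrEdit = '';
        $regNrList = '';
        if($f['regNr'] != '') {
            foreach(explode(',', $f['regNr']) as $nr) {
                if($nr == '') { continue; }
                $regNrList .= $nr.',';
                // The number lands in element text, in attributes and in a JS string
                // inside onclick, so it is escaped once per context.
                $nrHtml = $e($nr);
                $nrJs = $e(json_encode((string)$nr, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP));
                $regNrEdit .= '<span id="regNrContainer'.$nrHtml.'-'.$id.'" style="background-color:#fff999; padding:2px; margin:0px 1px;">'.$nrHtml.'<i data-regnr="'.$nrHtml.'" onclick="removeRegNr('.$id.', '.$nrJs.')" class="fa fa-times editRegNrField'.$id.'" style="display:inline-block; color:red;"></i></span>';
            }
        }

        $un = $e($f['username']);
        $fn = $e($f['firstName']);
        $ln = $e($f['lastName']);
        $ad = $e($f['address']);
        $pc = $e($f['postCode']);
        $mo = $e($f['mobile']);
        $em = $e($f['email']);
        $rl = $e($regNrList);

        $tr .= '<tr>';
        $tr .= '<td>'.$i.'</td><input type="hidden" id="regNrs'.$id.'" value="'.$rl.'" />';
        $tr .= '<div style="display:none;"><span class="txtField'.$id.'">'.$un.'</span><input type="text" id="username'.$id.'" class="editField'.$id.'" value="'.$un.'" style="display:none; width:70px;" /></div>';
        // The extra hidden username input is kept, with its unterminated tag closed.
        // NOTE(review): it repeats the id of the text input above; confirm which
        // of the two the page script reads.
        $tr .= '<td style="max-width:100px; overflow:auto;">'.$rl.'</td><input type="hidden" id="username'.$id.'" value="'.$un.'" />';
        // The stored password used to be copied into this cell's title attribute,
        // which sent it to the browser; the cell now only holds the input for a
        // new password.
        $tr .= '<td><input type="text" id="password'.$id.'" class="editField'.$id.'" value="" style="display:none; width:70px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$fn.' '.$ln.'</span><input type="text" id="firstName'.$id.'" class="editField'.$id.'" value="'.$fn.'" style="display:none; width:100px;" placeholder="First Name"/><br><input type="text" id="lastName'.$id.'" class="editField'.$id.'" value="'.$ln.'" style="display:none; width:100px;" placeholder="Last Name"/></td>';
        $tr .= '<td>'.$e($company).'</td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$ad.'</span><input type="text" id="address'.$id.'" class="editField'.$id.'" value="'.$ad.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$pc.'</span><input type="text" id="postCode'.$id.'" class="editField'.$id.'" value="'.$pc.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$mo.'</span><input type="text" id="mobile'.$id.'" class="editField'.$id.'" value="'.$mo.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$em.'</span><input type="text" id="email'.$id.'" class="editField'.$id.'" value="'.$em.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;">
        <span class="txtField'.$id.'">'.$rl.'</span>
        <select class="txtInput editRegNrField'.$id.'" onchange="addRegNr('.$id.', this)" id="regNrSelect'.$id.'" style="display:none;">
        <option value=0>Select a RegNr</option>
        '.$regNrSelect.'
        </select>
        <div id="regNrContainer'.$id.'" class="editRegNrField'.$id.'" style="display:none; margin-top:5px;">
        '.$regNrEdit.'
        </div>
        </td>';
        $tr .= '<td>'.$buttons.'</td>';
        $tr .= '</tr>';
        $i++;
    }

    echo json_encode(['success', $tr]);
    return;
}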
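else if($type == 'mobilePrivateCustomer') {
    // Search the private customers of the logged-in customer's company by a
    // mobile-number fragment. Replies with JSON ['success', <table rows>] or the
    // plain text 'no entry'.
    //
    // NOTE(review): $regNr carries the search term and is assigned before this
    // branch; the LIKE query is only injection-safe if it was SQL-escaped there.
    // Confirm, or bind it through a prepared statement.
    $mobile = $regNr;

    // Escapes a value for HTML text and quoted attributes. double_encode is off so
    // entities already present in stored data are not encoded twice. UTF-8 is
    // assumed, as json_encode() below needs it as well.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $customerID = isset($_SESSION['customerID']) ? (int)$_SESSION['customerID'] : 0;
    $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT companyID FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
    // Integer cast: the id is interpolated unquoted into the queries below.
    $companyID = isset($fc['companyID']) ? (int)$fc['companyID'] : 0;
    if($companyID === 0) {
        // No session customer or no company resolved: list nothing.
        echo 'no entry';
        return;
    }

    // Options for the per-row "add RegNr" dropdown, built from stored tyres.
    // NOTE(review): only the first customer row of the company is read, so tyres
    // of the company's other customers never reach the dropdown; confirm intent.
    $regNrSelect = '';
    $customerIDs = array();
    $q = mysqli_query($con, "SELECT id FROM customers WHERE companyID=$companyID");
    if($q && mysqli_num_rows($q) > 0) {
        $first = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
        $customerIDs[] = (int)$first['id'];
    }

    foreach($customerIDs as $cID) {
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE customerID=$cID AND stored=1");
        if($q && mysqli_num_rows($q) > 0) {
            foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $tyre) {
                $regNrSelect .= '<option value="'.$e($tyre['regNr']).'" data-id='.(int)$tyre['id'].'>'.$e($tyre['regNr']).'</option>';
            }
        }
    }

    // Only the columns that are rendered are selected, so the password column
    // is not read at all.
    $q = mysqli_query($con, "SELECT id, companyID, username, regNr, firstName, lastName, address, postCode, mobile, email FROM private_customer WHERE companyID=$companyID AND mobile LIKE '%$mobile%'");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $tr = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $id = (int)$f['id'];

        $rowCompanyID = (int)$f['companyID'];
        $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$rowCompanyID"), MYSQLI_ASSOC);
        $company = isset($fc['name']) ? $fc['name'] : '';

        $buttons = '<input type="button" value="Edit" class="orangeButton editButton'.$id.' button'.$id.'" onclick="edit('.$id.')" />

        <input type="button" value="Save" class="greenButton saveButton'.$id.' button'.$id.'" onclick="save('.$id.')" style="display:none;" />

        <input type="button" value="Delete" class="redButton deleteButton'.$id.' button'.$id.'" onclick="deleteRow(\'private_customer\', '.$id.')" />';

        $regNrEdit = '';
        $regNrList = '';
        if($f['regNr'] != '') {
            foreach(explode(',', $f['regNr']) as $nr) {
                if($nr == '') { continue; }
                $regNrList .= $nr.',';
                // The number lands in element text, in attributes and in a JS string
                // inside onclick, so it is escaped once per context.
                $nrHtml = $e($nr);
                $nrJs = $e(json_encode((string)$nr, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP));
                $regNrEdit .= '<span id="regNrContainer'.$nrHtml.'-'.$id.'" style="background-color:#fff999; padding:2px; margin:0px 1px;">'.$nrHtml.'<i data-regnr="'.$nrHtml.'" onclick="removeRegNr('.$id.', '.$nrJs.')" class="fa fa-times editRegNrField'.$id.'" style="display:inline-block; color:red;"></i></span>';
            }
        }

        $un = $e($f['username']);
        $fn = $e($f['firstName']);
        $ln = $e($f['lastName']);
        $ad = $e($f['address']);
        $pc = $e($f['postCode']);
        $mo = $e($f['mobile']);
        $em = $e($f['email']);
        $rl = $e($regNrList);

        $tr .= '<tr>';
        $tr .= '<td>'.$i.'</td><input type="hidden" id="regNrs'.$id.'" value="'.$rl.'" />';
        $tr .= '<div style="display:none;"><span class="txtField'.$id.'">'.$un.'</span><input type="text" id="username'.$id.'" class="editField'.$id.'" value="'.$un.'" style="display:none; width:70px;" /></div>';
        $tr .= '<td style="max-width:100px; overflow:auto;">'.$rl.'</td>';
        // The stored password used to be copied into this cell's title attribute,
        // which sent it to the browser; the cell now only holds the input for a
        // new password.
        $tr .= '<td><input type="text" id="password'.$id.'" class="editField'.$id.'" value="" style="display:none; width:70px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$fn.' '.$ln.'</span><input type="text" id="firstName'.$id.'" class="editField'.$id.'" value="'.$fn.'" style="display:none; width:100px;" placeholder="First Name"/><br><input type="text" id="lastName'.$id.'" class="editField'.$id.'" value="'.$ln.'" style="display:none; width:100px;" placeholder="Last Name"/></td>';
        $tr .= '<td>'.$e($company).'</td>';
        $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$id.'">'.$ad.'</span><input type="text" id="address'.$id.'" class="editField'.$id.'" value="'.$ad.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$pc.'</span><input type="text" id="postCode'.$id.'" class="editField'.$id.'" value="'.$pc.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$mo.'</span><input type="text" id="mobile'.$id.'" class="editField'.$id.'" value="'.$mo.'" style="display:none; width:70px;" /></td>';
        $tr .= '<td><span class="txtField'.$id.'">'.$em.'</span><input type="text" id="email'.$id.'" class="editField'.$id.'" value="'.$em.'" style="display:none; width:100px;" /></td>';
        $tr .= '<td style="max-width:200px; overflow:auto;">
        <span class="txtField'.$id.'">'.$rl.'</span>
        <select class="txtInput editRegNrField'.$id.'" onchange="addRegNr('.$id.', this)" id="regNrSelect'.$id.'" style="display:none;">
        <option value=0>Select a RegNr</option>
        '.$regNrSelect.'
        </select>
        <div id="regNrContainer'.$id.'" class="editRegNrField'.$id.'" style="display:none; margin-top:5px;">
        '.$regNrEdit.'
        </div>
        </td>';
        $tr .= '<td>'.$buttons.'</td>';
        $tr .= '</tr>';
        $i++;
    }

    echo json_encode(['success', $tr]);
    return;
}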
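else if($type == 'completeOrderHistory') {
    // List every order whose orgNr equals $orgNr, newest first, as table rows.
    // Echoes the rows, or the plain text 'no entry' when there are none.
    //
    // NOTE(review): $orgNr is assigned before this branch. The query is only
    // injection-safe if it was SQL-escaped there, and the listing is only
    // correctly scoped if it is derived from the logged-in account rather than
    // taken from the request. Confirm both.

    // Escapes a value for HTML text. double_encode is off so entities already
    // present in stored data are not encoded twice.
    // NOTE(review): assumes the stored text is UTF-8; confirm.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $q = mysqli_query($con, "SELECT * FROM orders WHERE orgNr = '$orgNr' ORDER BY id DESC");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $trOrder = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $customerIDOrder = (int)$f['customerID'];
        $fC = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerIDOrder"), MYSQLI_ASSOC);
        $customerName = isset($fC['username']) ? $fC['username'] : '';

        // tyreIDs is a comma-separated list. Empty items are skipped and each id
        // is cast to int before it is interpolated; an empty item used to produce
        // the malformed query "... WHERE id=" and a stray comma in the output.
        $regNr = '';
        foreach(explode(',', $f['tyreIDs']) as $tyreID) {
            if($tyreID == '') { continue; }
            $tyreID = (int)$tyreID;
            $ft = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM tyres WHERE id=$tyreID"), MYSQLI_ASSOC);
            $regNr .= (isset($ft['regNr']) ? $ft['regNr'] : '').',';
        }

        // No employee recorded: leave the cell empty instead of querying.
        $employeeID = (int)$f['employeeID'];
        $pickedupBy = '';
        if($employeeID !== 0) {
            $fe = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM employees WHERE id=$employeeID"), MYSQLI_ASSOC);
            $pickedupBy = isset($fe['name']) ? $fe['name'] : '';
        }

        $trOrder .= '<tr>';
        $trOrder .= '<td>'.$i.'</td>';
        $trOrder .= '<td>'.$e($customerName).'</td>';
        $trOrder .= '<td>'.$e($regNr).'</td>';
        $trOrder .= '<td>'.$e($f['orderedOn']).'</td>';
        $trOrder .= '<td>'.$e($f['status']).'</td>';
        $trOrder .= '<td>'.$e($pickedupBy).'</td>';
        $trOrder .= '<td></td>';
        $trOrder .= '</tr>';
        $i++;
    }
    echo $trOrder;
    return;
}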
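else if($type == 'completeDeliveryHistory') {
    // List every delivery whose orgNr equals $orgNr, newest first, as table rows
    // with "Received" / "Change Delivery Date" buttons where the status allows.
    // Echoes the rows, or the plain text 'no entry' when there are none.
    //
    // NOTE(review): $orgNr is assigned before this branch. The query is only
    // injection-safe if it was SQL-escaped there, and the listing is only
    // correctly scoped if it is derived from the logged-in account rather than
    // taken from the request. Confirm both.

    // Escapes a value for HTML text. double_encode is off so entities already
    // present in stored data are not encoded twice.
    // NOTE(review): assumes the stored text is UTF-8; confirm.
    $e = function ($v) {
        return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $q = mysqli_query($con, "SELECT * FROM deliveries WHERE orgNr = '$orgNr' ORDER BY id DESC");
    if(!$q || mysqli_num_rows($q) == 0) {
        echo 'no entry';
        return;
    }

    $trDelivery = '';
    $i = 1;
    foreach(mysqli_fetch_all_n($q, MYSQLI_ASSOC) as $f) {
        $deliveryID = (int)$f['id'];

        $customerIDDelivery = (int)$f['customerID'];
        $fC = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerIDDelivery"), MYSQLI_ASSOC);
        $customerName = isset($fC['username']) ? $fC['username'] : '';

        // tyreIDs is a comma-separated list; each id is cast to int before it is
        // interpolated into the lookup.
        $regNr = '';
        $tyreLoc = '';
        $totalTyres = 0;
        foreach(explode(',', $f['tyreIDs']) as $tyreID) {
            if($tyreID == '') { continue; }
            $tyreID = (int)$tyreID;
            $ft = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM tyres WHERE id=$tyreID"), MYSQLI_ASSOC);
            $regNr .= (isset($ft['regNr']) ? $ft['regNr'] : '').',';
            $tyreLoc .= (isset($ft['location']) ? $ft['location'] : '').',';
            $totalTyres++;
        }

        $employeeID = (int)$f['deliveredBy'];
        if($employeeID != 0) {
            $fe = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM employees WHERE id=$employeeID"), MYSQLI_ASSOC);
            $deliveredBy = isset($fe['name']) ? $fe['name'] : '';
        }else { $deliveredBy = 'None'; }

        $receiverID = (int)$f['receivedBy'];
        if($receiverID != 0) {
            $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$receiverID"), MYSQLI_ASSOC);
            $receivedBy = isset($fc['username']) ? $fc['username'] : '';
        }else {
            $receivedBy = 'None';
        }

        // Not yet delivered and not received: the date may still be changed.
        // Delivered but not received: offer the "Received" confirmation.
        $pending = ($f['received'] == 0);
        $changeDeliveryDateButton = ($f['status'] != 'Delivered' && $pending)
            ? '<input type="button" class="orangeButton" value="Change Delivery Date" onclick="deliveryDateContainer('.$deliveryID.')" />'
            : '';
        $receiveButton = ($f['status'] == 'Delivered' && $pending)
            ? '<input type="button" class="greenButton" value="Received" onclick="receivedTyre('.$deliveryID.')" />'
            : '';

        $trDelivery .= '<tr>';
        $trDelivery .= '<td>'.$i.'</td>';
        $trDelivery .= '<td>'.$e($customerName).'</td>';
        $trDelivery .= '<td>'.$e($regNr).'</td>';
        $trDelivery .= '<td>'.$totalTyres.'</td>';
        $trDelivery .= '<td>'.$e($f['orderedOn']).'</td>';
        $trDelivery .= '<td>'.$e($f['deliveryDate']).'</td>';
        $trDelivery .= '<td>'.$e($f['status']).'</td>';
        $trDelivery .= '<td>'.$e($f['deliveredOn']).'</td>';
        $trDelivery .= '<td>'.$e($deliveredBy).'</td>';
        $trDelivery .= '<td>'.$e($receivedBy).'</td>';
        $trDelivery .= '<td>'.$e($tyreLoc).'</td>';
        $trDelivery .= '<td>'.$receiveButton.' '.$changeDeliveryDateButton.'</td>';
        $trDelivery .= '</tr>';
        $i++;
    }
    echo $trDelivery;
    return;
}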
3057 else if($type == 'completePrivateCustomers') {
3058 $customerID = (int)$_SESSION['customerID'];
3059 $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
3060 $companyID = $fc['companyID'];
3061
3062 $regNrSelect = '';
3063
3064 $customerIDs = array();
3065 $q = mysqli_query($con, "SELECT id FROM customers WHERE companyID=$companyID");
3066 if(mysqli_num_rows($q) > 0) {
3067 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
3068 $customerIDs[] = $f['id'];
3069 }
3070
3071 foreach($customerIDs as $cID) {
3072 $q = mysqli_query($con, "SELECT * FROM tyres WHERE customerID=$cID AND stored=1");
3073 if(mysqli_num_rows($q) > 0) {
3074 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
3075 foreach($fetch as $f) {
3076 $regNrSelect .= '<option value="'.$f['regNr'].'" data-id='.$f['id'].'>'.$f['regNr'].'</option>';
3077 }
3078 }
3079 }
3080
3081 $tr = '';
3082 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE companyID=$companyID");
3083 if(mysqli_num_rows($q) > 0) {
3084
3085 $i = 1;
3086 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
3087 foreach($fetch as $f) {
3088
3089 $companyID = $f['companyID'];
3090 $fc = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM companies WHERE id=$companyID"), MYSQLI_ASSOC);
3091 $company = $fc['name'];
3092
3093 $buttons = '<input type="button" value="Edit" class="orangeButton editButton'.$f['id'].' button'.$f['id'].'" onclick="edit('.$f['id'].')" />
3094
3095 <input type="button" value="Save" class="greenButton saveButton'.$f['id'].' button'.$f['id'].'" onclick="save('.$f['id'].')" style="display:none;" />
3096
3097 <input type="button" value="Delete" class="redButton deleteButton'.$f['id'].' button'.$f['id'].'" onclick="deleteRow(\'private_customer\', '.$f['id'].')" />';
3098
3099 $regNrEdit = '';
3100 $regNr = '';
3101 if($f['regNr'] != '') {
3102 $regNrs = explode(',', $f['regNr']);
3103 foreach($regNrs as $nr) {
3104 if($nr == '') { continue; }
3105 $regNr .= $nr.',';
3106 $regNrEdit .= '<span id="regNrContainer'.$nr.'-'.$f['id'].'" style="background-color:#fff999; padding:2px; margin:0px 1px;">'.$nr.'<i data-regnr='.$nr.' onclick="removeRegNr('.$f['id'].', \''.$nr.'\')" class="fa fa-times editRegNrField'.$f['id'].'" style="display:inline-block; color:red;"></i></span>';
3107 }
3108 }
3109
3110
3111 $tr .= '<tr>';
3112 $tr .= '<td>'.$i.'</td><input type="hidden" id="regNrs'.$f['id'].'" value="'.$regNr.'" />';
3113 $tr .= '<div style="display:none;"><span class="txtField'.$f['id'].'">'.$f['username'].'</span><input type="text" id="username'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['username'].'" style="display:none; width:70px;" /></div>';
3114 $tr .= '<td style="max-width:100px; overflow:auto;">'.$regNr.'</td>';
3115 $tr .= '<td title="'.$f['password'].'"><input type="text" id="password'.$f['id'].'" class="editField'.$f['id'].'" value="" style="display:none; width:70px;" /></td>';
3116 $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$f['id'].'">'.$f['firstName'].' '.$f['lastName'].'</span><input type="text" id="firstName'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['firstName'].'" style="display:none; width:100px;" placeholder="First Name"/><br><input type="text" id="lastName'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['lastName'].'" style="display:none; width:100px;" placeholder="Last Name"/></td>';
3117 $tr .= '<td>'.$company.'</td>';
3118 $tr .= '<td style="max-width:200px; overflow:auto;"><span class="txtField'.$f['id'].'">'.$f['address'].'</span><input type="text" id="address'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['address'].'" style="display:none; width:100px;" /></td>';
3119 $tr .= '<td><span class="txtField'.$f['id'].'">'.$f['postCode'].'</span><input type="text" id="postCode'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['postCode'].'" style="display:none; width:70px;" /></td>';
3120 $tr .= '<td><span class="txtField'.$f['id'].'">'.$f['mobile'].'</span><input type="text" id="mobile'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['mobile'].'" style="display:none; width:70px;" /></td>';
3121 $tr .= '<td><span class="txtField'.$f['id'].'">'.$f['email'].'</span><input type="text" id="email'.$f['id'].'" class="editField'.$f['id'].'" value="'.$f['email'].'" style="display:none; width:100px;" /></td>';
3122 $tr .= '<td style="max-width:200px; overflow:auto;">
3123 <span class="txtField'.$f['id'].'">'.$regNr.'</span>
3124 <select class="txtInput editRegNrField'.$f['id'].'" onchange="addRegNr('.$f['id'].', this)" id="regNrSelect'.$f['id'].'" style="display:none;">
3125 <option value=0>Select a RegNr</option>
3126 '.$regNrSelect.'
3127 </select>
3128 <div id="regNrContainer'.$f['id'].'" class="editRegNrField'.$f['id'].'" style="display:none; margin-top:5px;">
3129 '.$regNrEdit.'
3130 </div>
3131 </td>';
3132 $tr .= '<td>'.$buttons.'</td>';
3133 $tr .= '</tr>';
3134 $i++;
3135
3136 }
3137 $r = ['success', $tr];
3138 echo json_encode($r);
3139 return;
3140 }
3141 echo 'no entry';
3142 return;
3143 }
3144 else if($type == 'assignFnamePrivateCustomer') {
3145 $con = dbCon();
3146 $fname = $regNr;
3147
3148 $customerID = (int)$_SESSION['customerID'];
3149 $f = mysqli_fetch_array_n(mysqli_query($con, "SELECT * FROM customers WHERE id=$customerID"), MYSQLI_ASSOC);
3150 $companyID = $f['companyID'];
3151 $orgNr = p($_SESSION['orgNr']);
3152
3153 $tr = '';
3154
3155 $privateCustomerID = 0;
3156 $offerID = 0;
3157 $tyreIDs = array();
3158 $q = mysqli_query($con, "SELECT * FROM tyres WHERE orgNr='$orgNr' AND stored=1 ORDER BY id DESC");
3159 if(mysqli_num_rows($q) > 0) {
3160 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
3161 foreach($fetch as $f) {
3162 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE companyID=$companyID AND firstName LIKE '%$fname%'");
3163 if(mysqli_num_rows($q) > 0) {
3164 $tyreIDs[] = (int)$f['id'];
3165 }
3166 }
3167 }
3168 $totalRows = count($tyreIDs);
3169 if(count($tyreIDs) > 0) {
3170 foreach($tyreIDs as $tyreID) {
3171 $q = mysqli_query($con, "SELECT * FROM tyres WHERE id=$tyreID");
3172 if(mysqli_num_rows($q) > 0) {
3173 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
3174 foreach($fetch as $f) {
3175 $tyreID = $f['id'];
3176 $deliveryID = $f['deliveryID'];
3177
3178 if($deliveryID != '') {
3179 /*if($totalRows == 1) {
3180 $r = ['already ordered'];
3181 echo json_encode($r);
3182 return;
3183 }*/
3184 continue;
3185 }
3186
3187 $regNr = $f['regNr'];
3188
3189 /*
3190 if($f['delivered'] == 1) {
3191 $q = mysqli_query($con, "SELECT * FROM deliveries WHERE deliveryID='$deliveryID' AND received=1");
3192 if(mysqli_num_rows($q) > 0) { continue; }
3193 }
3194 */
3195
3196 $rowArray = createDataAttr($f);
3197
3198 //$rowArray = json_encode($rowArray);
3199
3200 $orderID = $f['orderID'];
3201 $q = mysqli_query($con, "SELECT * FROM orders WHERE orderID='$orderID'");
3202 $fo = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
3203 $orderType = $fo['type'];
3204
3205 $deliveryOrdered = 0;
3206 $qd = mysqli_query($con, "SELECT * FROM deliveries WHERE deliveryID='$deliveryID' AND tyreIDs LIKE '%$tyreID%'");
3207 if(mysqli_num_rows($qd) > 0) {
3208 $deliveryOrdered = 1;
3209 }
3210
3211 if($f['ordered'] == 1 && $deliveryOrdered == 0) {
3212 $orderButton = '<span class="link" onclick="showOrderDetails('.$f['id'].');">Order Details</span>';
3213 //$onClick = 'onclick="addOrder(this)"';
3214
3215 //if($orderType == 'order') {
3216 // $orderButton = '';
3217 // $onClick = 'onclick="addOrder(this)"';
3218 //}
3219 }
3220 else if($deliveryOrdered == 1) {
3221 $orderButton = '<span class="link" onclick="showOrderDetails('.$f['id'].');">Order Details</span>';
3222 //$onClick = '';
3223 }
3224
3225 $onClick = 'onclick="$(\'#regNrSearch\').val(\''.$f['regNr'].'\');"';
3226
3227 if($f['washed'] == 1) { $washed = 'Yes'; } else { $washed = 'No'; }
3228
3229 $orderTyreButton = '<input type="button" class="greenButton orderTyreButton" data-regnr="'.$f['regNr'].'" style="border-radius:5px; padding:0px 5px;" onclick="redirectForOrderTyre(this)" value="Order Tyre" />';
3230
3231 $tr .= '<tr '.$onClick.' class="customerTR" data-tyreid='.$f['id'].' data-rowarray='.$rowArray.'>';
3232 $tr .= '<td>'.$f['filed'].'</td>';
3233 //$tr .= '<td>'.$f['issued'].'</td>';
3234 $tr .= '<td>'.$f['department'].'</td>';
3235 $tr .= '<td>'.$f['regNr'].'</td>';
3236 $tr .= '<td>'.$f['location'].'</td>';
3237 $tr .= '<td>'.$f['tyreSize'].'</td>';
3238 $tr .= '<td>'.$f['pattern'].'</td>';
3239 $tr .= '<td>'.$f['season'].'</td>';
3240 $tr .= '<td>'.$washed.'</td>';
3241 $tr .= '<td>'.$f['condition'].'</td>';
3242 $tr .= '<td>'.$orderButton.'</td>';
3243 $tr .= '<td>'.$orderTyreButton.'</td>';
3244 $tr .= '</tr>';
3245 }
3246 }
3247 }
3248 }
3249
3250 $tyreOfferTr = '';
3251 $tyreOffers = array();
3252 $requestsTr = '';
3253 $privateCustomerDetails = '';
3254 $arr = array();
3255 if($tr != '' && $totalRows == 1) {
3256 $q = mysqli_query($con, "SELECT * FROM private_customer WHERE firstName LIKE '%$fname%' AND companyID = $companyID");
3257 if(mysqli_num_rows($q) > 0) {
3258
3259 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
3260 $privateCustomerID = $f['id'];
3261
3262 $arr['username'] = '<span class="field" >'.$f['username'].'</span><input type="text" id="username" onkeyup="suggestUsername()" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['username'].'"/>';
3263 $arr['password'] = '<span class="field" ></span><input type="text" id="password" class="txtInput editField" style="display:none; width:200px; padding:2px;" value=""/>';
3264 $arr['firstName'] = '<span class="field" >'.$f['firstName'].'</span><input type="text" id="firstName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['firstName'].'"/>';
3265 $arr['lastName'] = '<span class="field" >'.$f['lastName'].'</span><input type="text" id="lastName" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['lastName'].'"/>';
3266 $arr['address'] = '<span class="field" >'.$f['address'].'</span><input type="text" id="address" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['address'].'"/>';
3267 $arr['postCode'] = '<span class="field" >'.$f['postCode'].'</span><input type="text" id="postCode" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['postCode'].'"/>';
3268 $arr['mobile'] = '<span class="field" >'.$f['mobile'].'</span><input type="text" id="mobile" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['mobile'].'"/>';
3269 $arr['email'] = '<span class="field" >'.$f['email'].'</span><input type="text" id="email" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['email'].'"/>';
3270 $arr['comment'] = '<span class="field" >'.$f['comments'].'</span><input type="text" id="comment" class="txtInput editField" style="display:none; width:200px; padding:2px;" value="'.$f['comments'].'"/>';
3271 $arr['payment'] = $f['payment'];
3272 $arr['paymentLog'] = $f['paymentLog'];
3273 $arr['buttons'] = '<input type="button" value="Edit" class="orangeButton editButton" onclick="editPrivateCustomerDetails()"> <input type="button" style="display:none;" value="Save" class="greenButton saveButton" onclick="savePrivateCustomer()"> <input type="button" value="Delete" class="redButton deleteButton" onclick="">';
3274
3275 }else {
3276 $arr['username'] = '<input type="text" name="username" id="username" onkeyup="suggestUsername()" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3277 $arr['password'] = '<input type="text" name="password" id="password" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3278 $arr['firstName'] = '<input type="text" name="firstName" id="firstName" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3279 $arr['lastName'] = '<input type="text" name="lastName" id="lastName" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3280 $arr['address'] = '<input type="text" name="address" id="address" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3281 $arr['postCode'] = '<input type="text" name="postCode" id="postCode" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3282 $arr['mobile'] = '<input type="text" name="mobile" id="mobile" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3283 $arr['email'] = '<input type="text" name="email" id="email" class="txtInput editField" style="margin:2px; padding:2px; width:200px;"/>';
3284 $arr['comment'] = '<input type="text" name="comment" id="comment" class="txtInput editField" style="margin:2px; padding:2px; width:200px;" />';
3285 $arr['payment'] = '';
3286 $arr['paymentLog'] = '';
3287 $arr['buttons'] = '<input type="button" value="Save Customer Details" class="greenButton" style="margin:3px;" onclick="savePrivateCustomer()">';
3288 }
3289
3290 $privateCustomerDetails = '
3291 <input type="hidden" id="regNr" value="'.$regNr.'" />
3292 <input type="hidden" id="tyreID" value="'.$tyreID.'" />
3293 <input type="hidden" id="privateCustomerID" value="'.$privateCustomerID.'" />
3294 <tr class="headAdmin" style="padding:3px;">
3295 <th style="border-bottom:1px solid #5981d6;">Username</th><td style="text-align:left;" class="tdUsername"> '.$arr['username'].'</td>
3296 </tr>
3297 <tr class="headAdmin" style="padding:3px;">
3298 <th style="border-bottom:1px solid #5981d6;">Password</th><td style="text-align:left;" class="tdPassword">'.$arr['password'].'</td>
3299 </tr>
3300 <tr class="headAdmin" style="padding:3px;">
3301 <th style="border-bottom:1px solid #5981d6;">First Name</th><td style="text-align:left;" class="tdFirstName">'.$arr['firstName'].'</td>
3302 </tr>
3303 <tr class="headAdmin" style="padding:3px;">
3304 <th style="border-bottom:1px solid #5981d6;">Last Name</th><td style="text-align:left;" class="tdLastName">'.$arr['lastName'].'</td>
3305 </tr>
3306 <tr class="headAdmin" style="padding:3px;">
3307 <th style="border-bottom:1px solid #5981d6;">Address</th><td style="text-align:left;" class="tdAddress">'.$arr['address'].'</td>
3308 </tr>
3309 <tr class="headAdmin" style="padding:3px;">
3310 <th style="border-bottom:1px solid #5981d6;">Post Code</th><td style="text-align:left;" class="tdPostCode">'.$arr['postCode'].'</td>
3311 </tr>
3312 <tr class="headAdmin" style="padding:3px;">
3313 <th style="border-bottom:1px solid #5981d6;">Mobile</th><td style="text-align:left;" class="tdMobile">'.$arr['mobile'].'</td>
3314 </tr>
3315 <tr class="headAdmin" style="padding:3px;">
3316 <th style="border-bottom:1px solid #5981d6;">E-mail</th><td style="text-align:left;" class="tdEmail">'.$arr['email'].'</td>
3317 </tr>
3318 <tr class="headAdmin" style="padding:3px;">
3319 <th style="border-bottom:1px solid #5981d6;">Comments</th><td style="max-width:300px; text-align:left;" class="tdComment">'.$arr['comment'].'</td>
3320 </tr>
3321 <tr class="headAdmin" style="padding:3px;">
3322 <th style="border-bottom:1px solid #5981d6;">Payment</th><td style="text-align:left;" class="tdPayment">'.$arr['payment'].'</td>
3323 </tr>
3324 <tr class="headAdmin" style="padding:3px;">
3325 <th style="border-bottom:1px solid #5981d6;">Payment Log</th><td style="text-align:left;" class="tdPayemntLog">'.$arr['paymentLog'].'</td>
3326 </tr>
3327 <tr class="headAdmin" style="padding:3px;">
3328 <th> </th>
3329 <td class="tdButtons">'.$arr['buttons'].'</td>
3330 </tr>';
3331
3332 $tyreOffers = ['size_b' => '', 'price_b' => '', 'brand_b' => '', 'model_b' => '', 'count_b' => '', 'size_m' => '', 'price_m' => '', 'brand_m' => '', 'model_m' => '', 'count_m' => '', 'size_p' => '', 'price_p' => '', 'brand_p' => '', 'model_p' => '', 'count_p' => '', 'recommendedType'=>''];
3333 if((int)$privateCustomerID != 0) {
3334 $q = mysqli_query($con, "SELECT * FROM requests WHERE privateCustomerID = $privateCustomerID AND tyreID=$tyreID ORDER BY replied ASC"); //regNr = '$regNr'
3335 if(mysqli_num_rows($q) > 0) {
3336 $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
3337 foreach($fetch as $f) {
3338
3339 $offerID = $f['offerID'];
3340 $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE id=$offerID AND selectedType = ''");
3341 if(!$q || mysqli_num_rows($q) == 0) {
3342 continue;
3343 }
3344
3345 if($f['replied'] == 0) {
3346 $reply = '<td class="tdReply'.$f['id'].'" style="max-width:200px; max-height:50px; overflow:auto;"><textarea id="reply'.$f['id'].'" style="width:100px; height:30px;"></textarea></td>';
3347 $replyButton = '<td class="tdButton'.$f['id'].'"><input type="button" class="greenButton replyButton'.$f['id'].'" value="Reply" onclick="reply('.$f['id'].')" /></td>';
3348
3349 }else {
3350 $reply = '<td class="tdReply'.$f['id'].'" style="text-align:left; max-width:200px; max-height:50px; overflow:auto;">'.$f['reply'].'</td>';
3351 $replyButton = '<td></td>';
3352 }
3353
3354 $requestsTr .= '<tr>';
3355 $requestsTr .= '<td>'.$f['requestedOn'].'</td>';
3356 $requestsTr .= '<td class="tdRequest'.$f['id'].'" style="text-align:left; max-width:200px; max-height:50px; overflow:auto;">'.$f['request'].'</td>';
3357 $requestsTr .= $reply;
3358 $requestsTr .= $replyButton;
3359 $requestsTr .= '</tr>';
3360
3361 }
3362 }
3363
3364 //if($offerID != 0) {
3365 $q = mysqli_query($con, "SELECT * FROM tyre_offers WHERE selectedType = '' AND privateCustomerID=$privateCustomerID AND regNr='$regNr' AND tyreID=$tyreID"); //id=$offerID AND selectedType = ''");
3366 if(mysqli_num_rows($q) > 0) {
3367 $f = mysqli_fetch_array_n($q, MYSQLI_ASSOC);
3368
3369 $tyreOffers = [
3370 'size_b' => $f['size_b'],
3371 'price_b' => $f['price_b'],
3372 'brand_b' => $f['brand_b'],
3373 'model_b' => $f['model_b'],
3374 'count_b' => $f['count_b'],
3375 'size_m' => $f['size_m'],
3376 'price_m' => $f['price_m'],
3377 'brand_m' => $f['brand_m'],
3378 'model_m' => $f['model_m'],
3379 'count_m' => $f['count_m'],
3380 'size_p' => $f['size_p'],
3381 'price_p' => $f['price_p'],
3382 'brand_p' => $f['brand_p'],
3383 'model_p' => $f['model_p'],
3384 'count_p' => $f['count_p'],
3385 'recommendedType' => $f['recommendedType']
3386 ];
3387
3388 }
3389 //}
3390 }
3391
3392 $recommendedButtonB = 'display:inline-block;';
3393 $recommendedButtonM = 'display:inline-block;';
3394 $recommendedButtonP = 'display:inline-block;';
3395 if($tyreOffers['recommendedType'] == 'b') {
3396 $recommendedButtonB = 'display:none;';
3397 }else if($tyreOffers['recommendedType'] == 'm') {
3398 $recommendedButtonM = 'display:none;';
3399 }else if($tyreOffers['recommendedType'] == 'p') {
3400 $recommendedButtonP = 'display:none;';
3401 }
3402
3403 $tyreOfferTr .= '<tr>';
3404 $tyreOfferTr .= '<td>Budget Tyre</td>';
3405 $tyreOfferTr .= '<td><input type="text" id="size_b" class="txtInput" style="padding:2px; width:60px;" value="'.$tyreOffers['size_b'].'"/></td>';
3406 $tyreOfferTr .= '<td><input type="text" id="price_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['price_b'].'"/></td>';
3407 $tyreOfferTr .= '<td><input type="text" id="brand_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['brand_b'].'"/></td>';
3408 $tyreOfferTr .= '<td><input type="text" id="model_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['model_b'].'"/></td>';
3409 $tyreOfferTr .= '<td><input type="text" id="count_b" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['count_b'].'"/></td>';
3410 $tyreOfferTr .= '<td><input type="button" class="greenButton saveButton" value="Save" onclick="saveTyreOffer('.$tyreID.', \'b\', '.$offerID.')" /> <input type="button" class="orangeButton recommendButton_b recommendButton" style="'.$recommendedButtonB.'" value="Recommend" onclick="recommend('.$tyreID.', \'b\')"/></td>';
3411 $tyreOfferTr .= '</tr>';
3412 $tyreOfferTr .= '<tr>';
3413 $tyreOfferTr .= '<td>Middle Tyre</td>';
3414 $tyreOfferTr .= '<td><input type="text" id="size_m" class="txtInput" style="padding:2px; width:60px;" value="'.$tyreOffers['size_m'].'"/></td>';
3415 $tyreOfferTr .= '<td><input type="text" id="price_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['price_m'].'"/></td>';
3416 $tyreOfferTr .= '<td><input type="text" id="brand_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['brand_m'].'"/></td>';
3417 $tyreOfferTr .= '<td><input type="text" id="model_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['model_m'].'"/></td>';
3418 $tyreOfferTr .= '<td><input type="text" id="count_m" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['count_m'].'"/></td>';
3419 $tyreOfferTr .= '<td><input type="button" class="greenButton saveButton" value="Save" onclick="saveTyreOffer('.$tyreID.', \'m\', '.$offerID.')" /> <input type="button" class="orangeButton recommendButton_m recommendButton" style="'.$recommendedButtonM.'" value="Recommend" onclick="recommend('.$tyreID.', \'m\')"/></td>';
3420 $tyreOfferTr .= '</tr>';
3421 $tyreOfferTr .= '<tr>';
3422 $tyreOfferTr .= '<td>Premium Tyre</td>';
3423 $tyreOfferTr .= '<td><input type="text" id="size_p" class="txtInput" style="padding:2px; width:60px;" value="'.$tyreOffers['size_p'].'"/></td>';
3424 $tyreOfferTr .= '<td><input type="text" id="price_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['price_p'].'"/></td>';
3425 $tyreOfferTr .= '<td><input type="text" id="brand_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['brand_p'].'"/></td>';
3426 $tyreOfferTr .= '<td><input type="text" id="model_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['model_p'].'"/></td>';
3427 $tyreOfferTr .= '<td><input type="text" id="count_p" class="txtInput" style="padding:2px; width:50px;" value="'.$tyreOffers['count_p'].'"/></td>';
3428 $tyreOfferTr .= '<td><input type="button" class="greenButton saveButton" value="Save" onclick="saveTyreOffer('.$tyreID.', \'p\', '.$offerID.')" /> <input type="button" class="orangeButton recommendButton_p recommendButton" style="'.$recommendedButtonP.'" value="Recommend" onclick="recommend('.$tyreID.', \'p\')"/></td>';
3429 $tyreOfferTr .= '</tr>';
3430
3431 }
3432
3433 $r = [$tr, $privateCustomerDetails, $requestsTr, $tyreOfferTr];
3434 echo json_encode($r);
3435 return;
3436 }
3437
3438}
3439
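/**
 * Mark a delivery as received by the logged-in customer.
 *
 * Reads `deliveryID` from POST and the customer id from the session, sets
 * `received=1` and `receivedBy` on the matching `deliveries` row, and echoes
 * 'success', 'failed' or 'no customer'.
 */
function receivedTyre() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }

    $con = dbCon();
    // Both values are forced to integers before they are placed in the SQL text.
    $deliveryID = isset($_POST['deliveryID']) ? (int)p($_POST['deliveryID']) : 0;
    $customerID = (int)p($_SESSION['customerID']);
    if ($deliveryID <= 0) { echo 'failed'; return; }

    // NOTE(review): the row is selected by id alone, so any logged-in customer
    // can flag any delivery as received. `deliveries` carries an `orgNr` column
    // (see the INSERT in confirmOrder); consider adding it to the WHERE clause
    // once it is confirmed that every delivery row is written with the
    // customer's own orgNr.
    $q = mysqli_query($con, "UPDATE deliveries SET received=1, receivedBy=$customerID WHERE id=$deliveryID");
    if (!$q) {
        // Keep the driver message in the server log; the client only needs the status word.
        error_log('receivedTyre: '.mysqli_error($con));
        echo 'failed';
        return;
    }

    echo 'success';
    return;
}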
3453
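/**
 * Return the order date, ordering customer's username and delivery status for
 * the delivery attached to one tyre.
 *
 * Reads `tyreID` from POST. The three values are handed to jsonEncode() as
 * [orderedOn, customerName, status]; each is null when the matching row is
 * missing. Echoes 'no customer' when nobody is logged in.
 */
function showOrderDetails() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }

    $con = dbCon();
    // The id is used unquoted in the query below, so it must be an integer;
    // escaping alone does not protect a numeric context.
    $tyreID = isset($_POST['tyreID']) ? (int)p($_POST['tyreID']) : 0;

    $orderedOn = null;
    $customerName = null;
    $status = null;

    // NOTE(review): nothing ties the tyre to the caller's organisation, so a
    // logged-in customer can read order details for any tyre id. The customer
    // listings on this page filter tyres by the session orgNr; the same filter
    // probably belongs here — confirm against the callers.
    $q = mysqli_query($con, "SELECT deliveryID FROM tyres WHERE id=$tyreID");
    $tyre = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
    $deliveryID = isset($tyre['deliveryID']) ? $tyre['deliveryID'] : '';

    // deliveryID comes back from the database as free text; escape it before
    // it is placed inside a quoted SQL string again.
    $deliveryIDSql = mysqli_real_escape_string($con, (string)$deliveryID);
    $q = mysqli_query($con, "SELECT orderedOn, customerID, status FROM deliveries WHERE deliveryID='$deliveryIDSql'");
    $delivery = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
    $customerID = 0;
    if (is_array($delivery)) {
        $orderedOn = $delivery['orderedOn'];
        $status = $delivery['status'];
        $customerID = (int)$delivery['customerID'];
    }

    $q = mysqli_query($con, "SELECT username FROM customers WHERE id=$customerID");
    $customer = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
    if (is_array($customer)) {
        $customerName = $customer['username'];
    }

    $arr = [$orderedOn, $customerName, $status];
    jsonEncode($arr);
    return;
}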
3494
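/**
 * Check a posted activation code against the one issued in this session.
 *
 * Echoes 'correct' and records the verified code in the session when they
 * match; echoes 'wrong' otherwise. setNewPass() relies on that record.
 */
function validatePassID() {
    $passID = isset($_POST['passID']) ? (string)p($_POST['passID']) : '';
    $issued = isset($_SESSION['passID']) ? (string)$_SESSION['passID'] : '';

    // Both sides must be non-empty: a loose == between an empty submission and
    // a session that never received a code would otherwise count as a match.
    // hash_equals() compares in constant time.
    if ($issued === '' || $passID === '' || !hash_equals($issued, $passID)) {
        unset($_SESSION['passIDVerified']);
        echo 'wrong'; return;
    }

    // Remember which code was verified. Storing the code itself rather than a
    // flag means a newly issued code (sendPassID overwrites passID) is not
    // covered by an earlier verification.
    $_SESSION['passIDVerified'] = $issued;
    echo 'correct'; return;
}

/**
 * Set a new password for the customer whose reset was started in this session.
 *
 * Reads `newPass` and `newPassConfirm` from POST. Echoes 'mismatch',
 * 'CID not set', 'no Customer' or 'success'.
 */
function setNewPass() {
    $con = dbCon();
    $pass = isset($_POST['newPass']) ? (string)p($_POST['newPass']) : '';
    $passConfirm = isset($_POST['newPassConfirm']) ? (string)p($_POST['newPassConfirm']) : '';

    // An empty password is refused with the existing 'mismatch' response; the
    // handler has no dedicated response word for it.
    if ($pass === '' || $pass !== $passConfirm) { echo 'mismatch'; return; }
    if (!isset($_SESSION['retCID'])) { echo 'CID not set'; return; }

    // retCID is set as soon as a reset mail is requested, so on its own it
    // proves nothing about the requester. Require that the code currently
    // issued in this session is the one validatePassID() accepted.
    // NOTE(review): assumes the client always calls validatePassID before
    // setNewPass — confirm against the reset page.
    $issued = isset($_SESSION['passID']) ? (string)$_SESSION['passID'] : '';
    $verified = isset($_SESSION['passIDVerified']) ? (string)$_SESSION['passIDVerified'] : '';
    if ($issued === '' || $verified === '' || !hash_equals($issued, $verified)) {
        echo 'CID not set'; return;
    }

    // NOTE(review): unsalted MD5 is kept only because the login check is not
    // visible here and presumably compares MD5 values. Moving to
    // password_hash()/password_verify() has to change both sides together.
    $password = md5($pass);
    $customerID = (int)$_SESSION['retCID'];
    $q = mysqli_query($con, "UPDATE customers SET password='$password' WHERE id=$customerID");
    if (!$q) { echo 'no Customer'; return; }

    // The activation code is single-use: drop all reset state once it has been spent.
    unset($_SESSION['passID'], $_SESSION['retCID'], $_SESSION['passIDVerified']);

    echo 'success'; return;
}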
3517
/**
 * Start a password reset for the customer whose e-mail address is posted as
 * `regEmail`.
 *
 * Generates a 20-character activation code with random_string(), mails it to
 * the address, and stores the code and the customer id in the session as
 * `passID` and `retCID`. Echoes 'no customer' when the address is unknown and
 * 'success' otherwise.
 *
 * NOTE(review): the two responses tell the caller whether an address is
 * registered. The result of mailSend() is not inspected, so 'success' is
 * echoed even if the mail could not be sent. The link in the mail uses plain
 * http. Whether random_string() draws from a cryptographically secure source
 * cannot be seen from here — confirm.
 */
function sendPassID() {
    $con = dbCon();

    $regEmail = p($_POST['regEmail']);
    // NOTE(review): the address is placed inside a quoted SQL string; this is
    // only safe if p() escapes for SQL — confirm.
    $lookup = mysqli_query($con, "SELECT * FROM customers WHERE email='$regEmail'");
    $found = $lookup && mysqli_num_rows($lookup) != 0;
    if (!$found) {
        echo 'no customer';
        return;
    }

    $customer = mysqli_fetch_array_n($lookup, MYSQLI_ASSOC);
    $passID = random_string(20);
    $sitename = 'http://www.***.no/';

    $msg = "<html><head></head><body>
    <img src='' width='250px' /><br>

    Hey, you applied for password reset at our site<br><br>

    Activation ID: <b>".$passID."</b><br>
    Paste this ID at our site to reset password, OR, <br><br>

    <a href='".$sitename."?pid=reset_password'>Click Here</a> to reset your password.

    </body></html>";

    mailSend(array(
        'to' => $regEmail,
        'toName' => $customer['name'],
        'subject' => 'Activation code to reset your password!',
        'body' => $msg,
    ));

    // The code lives in the session, so only the browser session that asked
    // for the reset can complete it.
    $_SESSION['passID'] = $passID;
    $_SESSION['retCID'] = (int)$customer['id'];

    echo 'success';
    return;
}
3561
/**
 * Log the customer out by removing `customerID` and `orgNr` from the session.
 *
 * Only these two keys are removed; every other session value and the session
 * id itself are left as they are.
 * NOTE(review): if no other login shares this session, regenerating or
 * destroying the session here would be the stronger logout — confirm.
 */
function logoutCustomer() {
    unset($_SESSION['customerID'], $_SESSION['orgNr']);
}
3567
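/**
 * Place a delivery order for one or more stored tyres on behalf of the
 * logged-in customer.
 *
 * POST input: `tyreIDs` (comma-separated ids), `deliveryDate`, `deliveryTime`.
 * For every tyre a fresh delivery id is generated, the tyre is marked as
 * ordered and one `deliveries` row is inserted. If any tyre cannot be ordered,
 * the rows written by this call are undone. Finally a notification mail is
 * sent to the address stored in `warehousedetails`.
 *
 * Echoes one of: 'no customer', '1 required', 'not stored', 'ordered',
 * 'failed', 'success'.
 */
function confirmOrder() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }
    $customerID = (int) p($_SESSION['customerID']);
    $orgNr = p($_SESSION['orgNr']);

    $con = dbCon();
    $orgNrSql = mysqli_real_escape_string($con, (string)$orgNr);

    // Reduce the posted list to unique positive integers. Empty, '0' and
    // non-numeric entries are dropped instead of being counted as tyres.
    $ids = isset($_POST['tyreIDs']) ? (string)p($_POST['tyreIDs']) : '';
    $tyreIDs = array();
    foreach (explode(',', $ids) as $raw) {
        $id = (int)trim($raw);
        if ($id > 0) { $tyreIDs[$id] = $id; }
    }
    $tyreIDs = array_values($tyreIDs);
    $totalTyres = count($tyreIDs);
    if ($totalTyres <= 0) { echo '1 required'; return; }

    $deliveryDate = isset($_POST['deliveryDate']) ? (string)p($_POST['deliveryDate']) : '';
    $deliveryTime = isset($_POST['deliveryTime']) ? (string)p($_POST['deliveryTime']) : '';
    $orderedOn = Date('d/m/Y H:i');
    $deliveryDate = $deliveryDate.' '.$deliveryTime;

    $q = mysqli_query($con, "SELECT companyID FROM customers WHERE id=$customerID");
    $f = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
    $companyID = isset($f['companyID']) ? (int)$f['companyID'] : 0;
    $q = mysqli_query($con, "SELECT name FROM companies WHERE id=$companyID");
    $f = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
    $customerName = isset($f['name']) ? $f['name'] : '';

    // The posted date/time and the session orgNr are bound as parameters, so
    // the INSERT does not depend on what p() escapes.
    $insert = mysqli_prepare($con, "INSERT INTO deliveries (`id`, `deliveryID`, `orderedOn`, `customerID`, `deliveryDate`, `deliveredBy`, `totalTyres`, `tyreIDs`, `status`, `orgNr`, `deliveredOn`, `received`, `receivedBy`) VALUES (NULL, ?, ?, ?, ?, '', 1, ?, 'Processing', ?, '', 0, 0)");
    if (!$insert) {
        error_log('confirmOrder: '.mysqli_error($con));
        echo 'failed';
        return;
    }

    $failure = '';        // '', 'not stored', 'ordered' or 'failed'
    $created = array();   // tyre id => delivery id written by this call

    foreach ($tyreIDs as $tyreID) {
        // The tyre must be in storage and belong to the caller's organisation;
        // the customer-facing tyre listings on this page filter by the same
        // session orgNr. An empty result means "not stored" — a successful
        // query with zero rows is not a pass.
        $q = mysqli_query($con, "SELECT id FROM tyres WHERE id=$tyreID AND stored=1 AND orgNr='$orgNrSql'");
        if (!$q) { $failure = 'failed'; break; }
        if (mysqli_num_rows($q) == 0) { $failure = 'not stored'; break; }

        $q = mysqli_query($con, "SELECT id FROM tyres WHERE deliveryID != '' AND id=$tyreID");
        if (!$q) { $failure = 'failed'; break; }
        if (mysqli_num_rows($q) > 0) { $failure = 'ordered'; break; }

        $deliveryID = random_string(20);
        $deliveryIDSql = mysqli_real_escape_string($con, (string)$deliveryID);
        $tyreIDText = (string)$tyreID;

        if (!mysqli_query($con, "UPDATE tyres SET ordered=1, deliveryID = '$deliveryIDSql' WHERE id=$tyreID")) {
            $failure = 'failed';
            break;
        }
        // Recorded before the INSERT so that a failed INSERT still gets the
        // tyre reset by the rollback below.
        $created[$tyreID] = $deliveryID;

        mysqli_stmt_bind_param($insert, 'ssisss', $deliveryID, $orderedOn, $customerID, $deliveryDate, $tyreIDText, $orgNr);
        if (!mysqli_stmt_execute($insert)) {
            error_log('confirmOrder: '.mysqli_stmt_error($insert));
            $failure = 'failed';
            break;
        }
    }
    mysqli_stmt_close($insert);

    if ($failure !== '') {
        // Undo only what this call wrote. Rows are removed by their exact
        // delivery id; a LIKE '%id%' match on tyreIDs would also hit
        // deliveries of other tyres whose id merely contains the same digits.
        foreach ($created as $tyreID => $deliveryID) {
            $tyreID = (int)$tyreID;
            $deliveryIDSql = mysqli_real_escape_string($con, (string)$deliveryID);
            mysqli_query($con, "UPDATE tyres SET ordered=0, deliveryID = '' WHERE id=$tyreID");
            mysqli_query($con, "DELETE FROM deliveries WHERE deliveryID='$deliveryIDSql'");
        }
        echo $failure;
        return;
    }

    // Mail the warehouse. Values are HTML-escaped for the mail body;
    // double_encode=false leaves entities alone in case p() already encoded them.
    $customerNameHtml = htmlspecialchars((string)$customerName, ENT_QUOTES, 'UTF-8', false);
    $orgNrHtml = htmlspecialchars((string)$orgNr, ENT_QUOTES, 'UTF-8', false);
    $deliveryDateHtml = htmlspecialchars($deliveryDate, ENT_QUOTES, 'UTF-8', false);

    $msg = '<html><head></head><body>

    Hey Mukim, <br>
    Tyres(s) has been ordered by a customer. <br><br>

    Details of order are:<br>
    Customer Name: <b> '.$customerNameHtml.' </b><br>
    Org Nr: <b>'.$orgNrHtml.'</b> <br>
    Number of Tyres: <b>'.$totalTyres.' </b> <br>
    Delivery Date: <b>'.$deliveryDateHtml.'</b> <br>

    </body></html>';

    $q = mysqli_query($con, "SELECT * FROM warehousedetails");
    $fw = $q ? mysqli_fetch_array_n($q, MYSQLI_ASSOC) : null;
    $companyEmail = isset($fw['email']) ? $fw['email'] : '';

    if ($companyEmail != '') {
        $arr = array();
        $arr['to'] = $companyEmail;
        $arr['toName'] = 'DekkHotell - ***';
        $arr['subject'] = 'Tyre has been ordered';
        $arr['body'] = $msg;
        mailSend($arr);
    } else {
        // The order itself is already stored; only the notification is skipped.
        error_log('confirmOrder: no warehouse e-mail address configured');
    }

    echo 'success';
    return;
}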
3669
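/**
 * Delete one row by id from a table named in the request (admin only).
 *
 * Reads `table` and `id` from POST. Echoes 'no admin', 'delete success' or
 * 'failed'.
 */
function deleteRow() {
    if (!adminLoggedIn()) { echo 'no admin'; return; }

    $con = dbCon();
    $table = isset($_POST['table']) ? (string)p($_POST['table']) : '';
    $id = isset($_POST['id']) ? (int) p($_POST['id']) : 0;

    // A table name cannot be bound as a parameter, and string escaping does
    // not make an identifier safe. Accept only plain identifier characters and
    // quote the name with backticks.
    // NOTE(review): a fixed allowlist of deletable tables would be stricter;
    // 'private_customer' is the only caller visible on this page, so the full
    // list has to come from the admin pages.
    if (!preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $table)) { echo 'failed'; return; }

    $q = mysqli_query($con, "DELETE FROM `".$table."` WHERE id = $id ");
    if ($q) { echo 'delete success'; return; }

    // Driver messages go to the server log, not to the response.
    error_log('deleteRow: '.mysqli_error($con));
    echo 'failed'; return;
}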
3681
/**
 * Tell whether a customer is logged in.
 *
 * @return bool true when the session holds a non-null `customerID`, false otherwise.
 */
function customerLoggedIn() {
    // The check is presence only; the stored id is not looked up anywhere here.
    return isset($_SESSION['customerID']);
}
3688
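/**
 * AJAX handler: sends the logged-in customer's tyres back as HTML table rows.
 *
 * Input ($_POST, each value passed through p()):
 *   type        - 'rowNum', 'pagination', or a searchable tyres column name
 *   pageNum     - 'start' | 'previous' | 'next' | 'last' (pagination only)
 *   rowNum      - page size
 *   currentPage - page index the client is currently on (pagination only)
 *   searchValue - substring to look for (column search only)
 *
 * Output: echoes 'no customer' when customerLoggedIn() is false; otherwise
 * passes [status, rowsHtml, type, pageNum, rowNum, rowCount] to jsonEncode().
 * rowCount is the number of rows the query returned, counted before rows whose
 * delivery was already received are skipped. An unrecognised type produces no
 * output at all.
 *
 * Hardening in this function:
 *   - LIMIT operands are cast to non-negative integers (they are unquoted in
 *     the SQL, so string escaping alone cannot protect them).
 *   - The searchable column name is checked against a strict whitelist.
 *   - Values read from the database are escaped again before being used in
 *     follow-up queries and are HTML-escaped before being written into markup.
 *
 * NOTE(review): $searchValue and $orgNr still reach SQL inside quoted literals
 * and rely entirely on p(), which is not defined in this part of the file.
 * Confirm that p() escapes for SQL; moving these queries to prepared
 * statements would remove that dependency.
 */
function searchEntry() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }

    $con = dbCon();
    $searchType  = p(isset($_POST['type']) ? $_POST['type'] : '');
    $pageNum     = p(isset($_POST['pageNum']) ? $_POST['pageNum'] : '');
    $rowNum      = p(isset($_POST['rowNum']) ? $_POST['rowNum'] : '');
    $searchValue = p(isset($_POST['searchValue']) ? $_POST['searchValue'] : '');
    $currentPage = p(isset($_POST['currentPage']) ? $_POST['currentPage'] : '');
    $orgNr = p($_SESSION['orgNr']);

    // Integer copies for SQL; the original strings are still echoed back to the client.
    $limit = max(0, (int) $rowNum);
    $page  = max(0, (int) $currentPage);

    // HTML-escape a value for element content or a quoted attribute.
    // double_encode is off so text that was entity-encoded before storage is
    // not encoded a second time. Assumes UTF-8 data - TODO confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    // True when the tyre's delivery is already marked received; such rows are hidden.
    $alreadyReceived = function ($row) use ($con) {
        if ($row['delivered'] != 1) { return false; }
        $id  = mysqli_real_escape_string($con, (string) $row['deliveryID']);
        $res = mysqli_query($con, "SELECT 1 FROM deliveries WHERE deliveryID='$id' AND received=1 LIMIT 1");
        return $res && mysqli_num_rows($res) > 0;
    };

    // Row markup shared by the 'rowNum' and 'pagination' listings.
    $renderListRows = function ($rows) use ($esc, $alreadyReceived) {
        $columns = ['filed', 'issued', 'department', 'regNr', 'location', 'tyreSize', 'pattern', 'season', 'washed', 'condition'];
        $html = '';
        foreach ($rows as $f) {
            if ($alreadyReceived($f)) { continue; }

            // The id is placed in a JavaScript call and an attribute, so force it numeric.
            $tyreId = (int) $f['id'];
            if ($f['ordered'] == 1) {
                $orderButton = '<span class="link" onclick="showOrderDetails('.$tyreId.');">ORDERED</span>';
                $onClick = '';
            } else {
                $orderButton = '';
                $onClick = 'onclick="addOrder(this)"';
            }

            // Attribute values are quoted so a space in a field cannot end the attribute early.
            $html .= '<tr '.$onClick.' class="customerTR" data-tyreID="'.$tyreId.'" data-rowArray="'.$esc(createDataAttr($f)).'">';
            foreach ($columns as $col) {
                $html .= '<td>'.$esc($f[$col]).'</td>';
            }
            $html .= '<td>'.$orderButton.'</td>';
            $html .= '<td></td>';
            $html .= '</tr>';
        }
        return $html;
    };

    if ($searchType === 'rowNum') {
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE orgNr='$orgNr' LIMIT $limit");
        if (!$q) { jsonEncode(['failed', '', $searchType, $pageNum, $rowNum, 0]); return; }

        $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
        $totalRows = mysqli_num_rows($q);

        jsonEncode(['success', $renderListRows($fetch), $searchType, $pageNum, $rowNum, $totalRows]);
        return;
    }

    if ($searchType === 'pagination') {
        // 'start' and any unrecognised pageNum both begin at the first row.
        $startRow = 0;
        if ($pageNum === 'previous') {
            $startRow = $limit * ($page - 1);
        } elseif ($pageNum === 'next') {
            $startRow = $limit * ($page + 1);
        } elseif ($pageNum === 'last') {
            // Count only this customer's rows: the offset must refer to the same
            // set that is paged below, not to every organisation's tyres.
            $cq = mysqli_query($con, "SELECT COUNT(*) FROM tyres WHERE orgNr='$orgNr'");
            $countRow = $cq ? mysqli_fetch_row($cq) : null;
            $ownRows = $countRow ? (int) $countRow[0] : 0;
            $startRow = $ownRows - $limit;
        }
        // A negative offset (first page + 'previous', or fewer rows than one page) is not valid SQL.
        $startRow = max(0, (int) $startRow);

        $q = mysqli_query($con, "SELECT * FROM tyres WHERE orgNr='$orgNr' LIMIT $startRow, $limit");
        if (!$q) { jsonEncode(['failed', '', $searchType, $pageNum, $rowNum, 0]); return; }

        $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
        $totalRows = mysqli_num_rows($q);

        jsonEncode(['success', $renderListRows($fetch), $searchType, $pageNum, $rowNum, $totalRows]);
        return;
    }

    // Only these literal column names may be spliced into the query as an identifier.
    $searchable = ['filed', 'issued', 'regNr', 'department', 'location', 'pattern', 'washed', 'season'];
    if (in_array($searchType, $searchable, true)) {
        if ($searchValue == 'default') { jsonEncode(['no season', '', $searchType, $pageNum, $rowNum, 0]); return; }

        // NOTE(review): $searchValue is only as safe as p() makes it - see the function header.
        $q = mysqli_query($con, "SELECT * FROM tyres WHERE $searchType LIKE '%$searchValue%' AND orgNr='$orgNr'");
        if (!$q) { jsonEncode(['failed', '', $searchType, $pageNum, $rowNum, 0]); return; }

        $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
        $totalRows = mysqli_num_rows($q);
        $tr = '';

        foreach ($fetch as $f) {
            if ($alreadyReceived($f)) { continue; }

            $tyreId     = (int) $f['id'];
            $tyreIdSql  = mysqli_real_escape_string($con, (string) $f['id']);
            $deliveryID = mysqli_real_escape_string($con, (string) $f['deliveryID']);

            // NOTE(review): this is a substring match, so tyre id 12 also matches a
            // tyreIDs value containing 112 or 120 - confirm how tyreIDs is stored
            // and match whole ids.
            $qd = mysqli_query($con, "SELECT 1 FROM deliveries WHERE deliveryID='$deliveryID' AND tyreIDs LIKE '%$tyreIdSql%' LIMIT 1");
            $deliveryOrdered = ($qd && mysqli_num_rows($qd) > 0);

            // Reset per row. Previously these were only assigned inside the
            // conditions below, so an un-ordered tyre inherited the button and
            // click handler of the row before it. The default mirrors the
            // "not ordered" state used by the list branches above.
            $orderButton = '';
            $onClick = 'onclick="addOrder(this)"';
            if ($deliveryOrdered) {
                $orderButton = '<span class="link" onclick="showOrderDetails('.$tyreId.');">Order Details</span>';
                $onClick = '';
            } elseif ($f['ordered'] == 1) {
                $orderButton = '<span class="link" onclick="showOrderDetails('.$tyreId.');">Order Details</span>';
            }

            $washed = ($f['washed'] == 1) ? 'Yes' : 'No';

            $tr .= '<tr '.$onClick.' class="customerTR" data-tyreID="'.$tyreId.'" data-rowArray="'.$esc(createDataAttr($f)).'">';
            $tr .= '<td>'.$esc($f['filed']).'</td>';
            $tr .= '<td>'.$esc($f['department']).'</td>';
            // Query separators are written as &amp; and the value is URL-encoded so
            // the link survives HTML parsing whatever the registration number contains.
            $tr .= '<td><a href="?p=privateCustomer&amp;assign=1&amp;regNr='.rawurlencode((string) $f['regNr']).'">'.$esc($f['regNr']).'</a></td>';
            $tr .= '<td>'.$esc($f['location']).'</td>';
            $tr .= '<td>'.$esc($f['tyreSize']).'</td>';
            $tr .= '<td>'.$esc($f['pattern']).'</td>';
            $tr .= '<td>'.$esc($f['season']).'</td>';
            $tr .= '<td>'.$washed.'</td>';
            $tr .= '<td>'.$esc($f['condition']).'</td>';
            $tr .= '<td>'.$orderButton.'</td>';
            $tr .= '<td></td>';
            $tr .= '</tr>';
        }

        jsonEncode(['success', $tr, $searchType, $pageNum, $rowNum, $totalRows]);
        return;
    }
}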
3889
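/**
 * AJAX handler: sends every stored tyre of the logged-in customer, newest id
 * first, as HTML table rows.
 *
 * Output: echoes 'no customer' when customerLoggedIn() is false; otherwise
 * passes [rowsHtml, rowCount] to jsonEncode(). rowCount is the number of rows
 * the query returned, counted before rows whose delivery was already received
 * are skipped. A failed query yields ['', 0].
 *
 * Hardening in this function: values read from the database are escaped again
 * before being used in follow-up queries and are HTML-escaped before being
 * written into markup.
 *
 * NOTE(review): $orgNr reaches SQL inside a quoted literal and relies on p(),
 * which is not defined in this part of the file - confirm it escapes for SQL,
 * or move the query to a prepared statement.
 */
function getTyresList() {
    if (!customerLoggedIn()) { echo 'no customer'; return; }

    $con = dbCon();
    $orgNr = p($_SESSION['orgNr']);

    // HTML-escape a value for element content or a quoted attribute.
    // double_encode is off so text that was entity-encoded before storage is
    // not encoded a second time. Assumes UTF-8 data - TODO confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $q = mysqli_query($con, "SELECT * FROM tyres WHERE orgNr='$orgNr' AND stored=1 ORDER BY id DESC");
    if (!$q) { jsonEncode(['', 0]); return; }

    $fetch = mysqli_fetch_all_n($q, MYSQLI_ASSOC);
    $totalRows = mysqli_num_rows($q);
    $tr = '';

    foreach ($fetch as $f) {
        // The id is placed in a JavaScript call and an attribute, so force it numeric.
        $tyreId     = (int) $f['id'];
        $tyreIdSql  = mysqli_real_escape_string($con, (string) $f['id']);
        $deliveryID = mysqli_real_escape_string($con, (string) $f['deliveryID']);

        // Hide tyres whose delivery is already marked received.
        if ($f['delivered'] == 1) {
            $qr = mysqli_query($con, "SELECT 1 FROM deliveries WHERE deliveryID='$deliveryID' AND received=1 LIMIT 1");
            if ($qr && mysqli_num_rows($qr) > 0) { continue; }
        }

        // NOTE(review): this is a substring match, so tyre id 12 also matches a
        // tyreIDs value containing 112 or 120 - confirm how tyreIDs is stored
        // and match whole ids.
        $qd = mysqli_query($con, "SELECT 1 FROM deliveries WHERE deliveryID='$deliveryID' AND tyreIDs LIKE '%$tyreIdSql%' LIMIT 1");
        $deliveryOrdered = ($qd && mysqli_num_rows($qd) > 0);

        // Reset per row. Previously these were only assigned inside the
        // conditions below, so an un-ordered tyre inherited the button and
        // click handler of the row before it. The default mirrors the
        // "not ordered" state used by the list branches of searchEntry().
        $orderButton = '';
        $onClick = 'onclick="addOrder(this)"';
        if ($deliveryOrdered) {
            $orderButton = '<span class="link" onclick="showOrderDetails('.$tyreId.');">Order Details</span>';
            $onClick = '';
        } elseif ($f['ordered'] == 1) {
            $orderButton = '<span class="link" onclick="showOrderDetails('.$tyreId.');">Order Details</span>';
        }

        $washed = ($f['washed'] == 1) ? 'Yes' : 'No';

        // Attribute values are quoted so a space in a field cannot end the attribute early.
        $tr .= '<tr '.$onClick.' class="customerTR" data-tyreid="'.$tyreId.'" data-rowarray="'.$esc(createDataAttr($f)).'">';
        $tr .= '<td>'.$esc($f['filed']).'</td>';
        $tr .= '<td>'.$esc($f['department']).'</td>';
        // Query separators are written as &amp; and the value is URL-encoded so
        // the link survives HTML parsing whatever the registration number contains.
        $tr .= '<td onclick=""><a href="?p=privateCustomer&amp;assign=1&amp;regNr='.rawurlencode((string) $f['regNr']).'">'.$esc($f['regNr']).'</a></td>';
        $tr .= '<td>'.$esc($f['location']).'</td>';
        $tr .= '<td>'.$esc($f['tyreSize']).'</td>';
        $tr .= '<td>'.$esc($f['pattern']).'</td>';
        $tr .= '<td>'.$esc($f['season']).'</td>';
        $tr .= '<td>'.$washed.'</td>';
        $tr .= '<td>'.$esc($f['condition']).'</td>';
        $tr .= '<td>'.$orderButton.'</td>';
        $tr .= '<td></td>';
        $tr .= '</tr>';
    }

    jsonEncode([$tr, $totalRows]);
    return;
}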
3966
/**
 * Flattens one tyres row into a single comma-separated string.
 *
 * Field order: id, filed (as "date;time"), issued, department, regNr,
 * location, tyreSize, pattern, season, washed ("Yes"/"No"), condition.
 *
 * The result is not escaped for HTML and embedded commas are not quoted, so
 * callers that put it into markup must escape it themselves.
 *
 * @param array $arr Row with the keys listed above.
 * @return string
 */
function createDataAttr($arr) {
    // "date time" becomes "date;time"; a value without a time part gets 00:00.
    $stampParts = explode(' ', $arr['filed']);
    $timePart = isset($stampParts[1]) ? $stampParts[1] : '00:00';

    // Loose comparison on purpose: 0 and '0' both mean "not washed".
    $washedLabel = ($arr['washed'] == 0) ? 'No' : 'Yes';

    $fields = [
        $arr['id'],
        $stampParts[0].';'.$timePart,
        trim($arr['issued']),
        trim($arr['department']),
        // Spaces in the registration number are replaced, not removed.
        str_replace(" ", "_", $arr['regNr']),
        str_replace(" ", "", trim($arr['location'])),
        trim($arr['tyreSize']),
        $arr['pattern'],
        $arr['season'],
        $washedLabel,
        $arr['condition'],
    ];

    return implode(',', $fields);
}
3983
3984
3985?>