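objAuth = new AuthController();
        $this->objUser = new UserController();
        $this->objPermission = new PermissionController();
    }

    // Review notes that apply to every endpoint in this controller:
    //  - Each call re-authenticates from the `username` and `password` request
    //    fields. NOTE(review): if clients send these in the query string they are
    //    likely to end up in access logs; confirm the transport and consider a
    //    session or token instead.
    //  - Request fields are stored without validation. The query builder binds the
    //    values, so the gap is data integrity (types, lengths), not SQL syntax.
    //  - Callers whose `inv_manuser` flag equals 1 are treated as administrators:
    //    their queries are not filtered by owner and they may set `user_id`.
    //  - strftime() is deprecated since PHP 8.1; the stored `date_format` values are
    //    strftime patterns, so replacing it needs a format migration.

    /**
     * Authenticate the request and check one permission flag.
     *
     * @param  Request $request    Request carrying `username` and `password`.
     * @param  string  $permission Key looked up in the array returned by getPermissions().
     * @param  bool    $adminOnly  When true, callers without `inv_manuser` == 1 are refused.
     * @return array|string [$check, $isAdmin, $valid] on success, where $check is the value
     *                      returned by checkLegit() (used below as the caller's user id);
     *                      otherwise the response string 'Err!' or 'Permission denied.'.
     */
    private function resolveCaller(Request $request, $permission, $adminOnly = false)
    {
        $check = $this->objAuth->checkLegit($request->username, $request->password);
        if ($check == 0) {
            return 'Err!';
        }

        $valid = $this->objAuth->getPermissions($request->username, $request->password);
        if ($valid[$permission] != 1) {
            return 'Permission denied.';
        }

        $isAdmin = $valid['inv_manuser'] == 1;
        if ($adminOnly && !$isAdmin) {
            return 'Permission denied.';
        }

        return [$check, $isAdmin, $valid];
    }

    /**
     * Start a query on $table that is limited to the caller's own rows unless the
     * caller is an administrator. Keeping the owner filter in one place makes it
     * harder to forget on a new endpoint.
     */
    private function scopedTable($table, $isAdmin, $check)
    {
        $query = DB::table($table);

        return $isAdmin ? $query : $query->where('user_id', $check);
    }

    /** Company columns that both newCompany and editCompany write from the request. */
    private function companyFields(Request $request)
    {
        return [
            'name' => $request->name,
            'compreg' => $request->compreg ?: '',
            'taxnr' => $request->taxnr ?: '',
            'bank_number' => $request->bank_number,
            'bank_name' => $request->bank_name,
            'bank_recipient' => $request->bank_recipient,
            'logo' => $request->logo ?: '',
            'payterm' => $request->payterm,
            'date_format' => $request->date_format,
            'comment1' => $request->comment1,
            'comment2' => $request->comment2,
        ];
    }

    /** Contact columns that both newContact and editContact write from the request. */
    private function contactFields(Request $request)
    {
        return [
            'company_name' => $request->company_name,
            'name' => $request->name,
            'address' => $request->address,
            'postcode' => $request->postcode,
            'town' => $request->town,
            'country' => $request->country,
            'phone' => $request->phone,
            'website' => $request->website,
            'email' => $request->email,
            'custom' => $request->custom,
        ];
    }

    /** "Name (Company)" label for a contact row; empty string when the row is missing. */
    private function contactLabel($contact)
    {
        if ($contact === null) {
            return '';
        }

        return $contact->name . ($contact->company_name != '' ? ' (' . $contact->company_name . ')' : '');
    }

    /** Year + number left-padded with zeros to four digits + optional "_R<revision>". */
    private function invoiceLabel($year, $number, $revision)
    {
        return $year . str_pad((string) $number, 4, '0', STR_PAD_LEFT) . ($revision > 0 ? '_R' . $revision : '');
    }

    /**
     * Add or remove the row in $table (inv_employers / inv_clients) that marks a
     * contact as employer or customer, so that it matches $wanted.
     */
    private function syncContactLink($table, $contactId, $wanted, $isAdmin, $check, $ownerId)
    {
        $linked = $this->scopedTable($table, $isAdmin, $check)->where('contact_id', $contactId)->count() > 0;

        if ($linked && !$wanted) {
            $this->scopedTable($table, $isAdmin, $check)->where('contact_id', $contactId)->delete();
        } elseif (!$linked && $wanted) {
            // The original chained where() before insert(), which has no effect, and
            // left out user_id for non-admin callers, so the row had no owner.
            DB::table($table)->insert(['user_id' => $ownerId, 'contact_id' => $contactId]);
        }
    }

    // Company

    /**
     * List all companies. Administrators with `inv_mancompany` only.
     * Route: /api/rpc/invoice/company/getall
     */
    public function getCompanies(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancompany', true);
        if (is_string($caller)) {
            return $caller;
        }

        return DB::table('inv_company')
            ->select('id', 'user_id', 'name', 'compreg', 'taxnr', 'bank_number', 'bank_name', 'bank_recipient', 'logo', 'payterm', 'date_format')
            ->get();
    }

    /**
     * Fetch one company. Administrators may read any id; other callers only their own.
     * Route: /api/rpc/invoice/company/get/id
     */
    public function getCompany($id, Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancompany');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin, $valid) = $caller;

        if ($isAdmin) {
            return DB::table('inv_company')
                ->select('user_id', 'name', 'compreg', 'taxnr', 'bank_number', 'bank_name', 'bank_recipient', 'logo', 'payterm', 'date_format', 'comment1', 'comment2')
                ->where('id', $id)
                ->get();
        }

        // NOTE(review): this compares the company id with the caller's user id. The
        // user_id filter below already enforces ownership; confirm the guard is intended.
        if ($valid['inv_manuser'] != 0 || $id != $check) {
            return 'Permission denied.';
        }

        return DB::table('inv_company')
            ->select('name', 'compreg', 'taxnr', 'bank_number', 'bank_name', 'bank_recipient', 'logo', 'payterm', 'date_format', 'comment1', 'comment2')
            ->where('id', $id)
            ->where('user_id', $check)
            ->get();
    }

    /**
     * Create a company for `user_id` from the request. Administrators only.
     * Route: /api/rpc/invoice/company/new
     *
     * @return int|string New row id, or an error string.
     */
    public function newCompany(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancompany', true);
        if (is_string($caller)) {
            return $caller;
        }

        return DB::table('inv_company')
            ->insertGetId(['user_id' => $request->user_id] + $this->companyFields($request));
    }

    /**
     * Update a company. Administrators may also reassign `user_id`; other callers
     * may only change a company they own.
     * Route: /api/rpc/invoice/company/edit
     *
     * Fixes: the non-admin branch tested an undefined `$companyId`, so it could never
     * succeed; it now checks ownership of the requested row. Returns 'Success!' like
     * the other edit endpoints instead of an empty response.
     */
    public function editCompany(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancompany');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin, $valid) = $caller;

        if ($isAdmin) {
            DB::table('inv_company')
                ->where('id', $request->id)
                ->update(['user_id' => $request->user_id] + $this->companyFields($request));

            return 'Success!';
        }

        if ($valid['inv_manuser'] != 0) {
            return 'Permission denied.';
        }

        $owned = DB::table('inv_company')->where('id', $request->id)->where('user_id', $check)->count();
        if ($owned == 0) {
            return 'Permission denied.';
        }

        DB::table('inv_company')
            ->where('id', $request->id)
            ->where('user_id', $check)
            ->update($this->companyFields($request));

        return 'Success!';
    }

    /**
     * Delete a company by id. Administrators only.
     * Route: /api/rpc/invoice/company/delete
     */
    public function deleteCompany(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancompany', true);
        if (is_string($caller)) {
            return $caller;
        }

        DB::table('inv_company')->where('id', $request->id)->delete();

        return 'Done.';
    }

    // Contacts

    /**
     * List contacts. Administrators see all contacts and may filter with `emp`
     * (employers) or `cus` (customers); other callers see only their own contacts
     * and the filters are ignored.
     * Route: /api/rpc/invoice/contacts/getall
     */
    public function getContacts(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancontact');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        if (!$isAdmin) {
            return DB::table('inv_contacts')
                ->select('id', 'company_name', 'name', 'address', 'postcode', 'town', 'country', 'phone', 'email')
                ->where('user_id', $check)
                ->get();
        }

        // Qualified names are needed because the joined tables also have id/user_id.
        $joined = [
            'inv_contacts.id',
            'inv_contacts.user_id',
            'inv_contacts.company_name',
            'inv_contacts.name',
            'inv_contacts.address',
            'inv_contacts.postcode',
            'inv_contacts.town',
            'inv_contacts.country',
            'inv_contacts.phone',
            'inv_contacts.email',
        ];

        if (isset($request->emp)) {
            return DB::table('inv_contacts')
                ->join('inv_employers', 'inv_employers.contact_id', 'inv_contacts.id')
                ->get($joined);
        }

        if (isset($request->cus)) {
            return DB::table('inv_contacts')
                ->join('inv_clients', 'inv_clients.contact_id', 'inv_contacts.id')
                ->get($joined);
        }

        return DB::table('inv_contacts')
            ->select('id', 'user_id', 'company_name', 'name', 'address', 'postcode', 'town', 'country', 'phone', 'email')
            ->get();
    }

    /**
     * Fetch one contact with its employer/customer flags.
     * Route: /api/rpc/invoice/contacts/get/id
     *
     * Fix: the owner shown to administrators was chosen with `=== 1` while the branch
     * itself used `== 1`; both now use the same test.
     */
    public function getContact($id, Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancontact');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $columns = $isAdmin
            ? ['id', 'user_id', 'company_name', 'name', 'address', 'postcode', 'town', 'country', 'phone', 'website', 'email', 'custom']
            : ['id', 'company_name', 'name', 'address', 'postcode', 'town', 'country', 'phone', 'website', 'email', 'custom'];

        $get = $this->scopedTable('inv_contacts', $isAdmin, $check)->select($columns)->where('id', $id)->get();
        $emp = $this->scopedTable('inv_employers', $isAdmin, $check)->select('id')->where('contact_id', $id)->get();
        $cus = $this->scopedTable('inv_clients', $isAdmin, $check)->select('id')->where('contact_id', $id)->get();

        $res = [];
        foreach ($get as $g) {
            $res[] = [
                'id' => $g->id,
                // user_id is only selected for administrators; others always own the row.
                'user_id' => $isAdmin ? $g->user_id : $check,
                'company_name' => $g->company_name,
                'name' => $g->name,
                'address' => $g->address,
                'postcode' => $g->postcode,
                'town' => $g->town,
                'country' => $g->country,
                'phone' => $g->phone,
                'website' => $g->website,
                'email' => $g->email,
                'custom' => $g->custom,
                'isEmployer' => $emp->count() > 0,
                'isCustomer' => $cus->count() > 0,
            ];
        }

        return $res;
    }

    /**
     * Create a contact and, if requested, mark it as customer and/or employer.
     * Route: /api/rpc/invoice/contacts/new
     *
     * Fix: non-admin callers inserted the contact without `user_id`, so the new row
     * had no owner and was invisible to the owner-filtered reads above.
     *
     * @return int|string New contact id, or an error string.
     */
    public function newContact(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancontact');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        // Only administrators may create records on behalf of another user.
        $ownerId = $isAdmin ? $request->user_id : $check;

        $add = DB::table('inv_contacts')
            ->insertGetId(['user_id' => $ownerId] + $this->contactFields($request));

        if ($request->isCustomer) {
            DB::table('inv_clients')->insert(['user_id' => $ownerId, 'contact_id' => $add]);
        }
        if ($request->isEmployer) {
            DB::table('inv_employers')->insert(['user_id' => $ownerId, 'contact_id' => $add]);
        }

        return $add;
    }

    /**
     * Update a contact and synchronise its employer/customer flags.
     * Route: /api/rpc/invoice/contacts/edit
     *
     * Fixes: non-admin callers now get 'Permission denied.' for a contact they do
     * not own (previously the update matched nothing but link rows could still be
     * inserted for the foreign id), and inserted link rows now carry `user_id`.
     */
    public function editContact(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancontact');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $changes = $this->contactFields($request);
        if ($isAdmin) {
            $ownerId = $request->user_id;
            $changes = ['user_id' => $ownerId] + $changes;
        } else {
            $ownerId = $check;
            $owned = DB::table('inv_contacts')->where('id', $request->id)->where('user_id', $check)->count();
            if ($owned == 0) {
                return 'Permission denied.';
            }
        }

        $this->scopedTable('inv_contacts', $isAdmin, $check)->where('id', $request->id)->update($changes);

        $this->syncContactLink('inv_employers', $request->id, $request->isEmployer, $isAdmin, $check, $ownerId);
        $this->syncContactLink('inv_clients', $request->id, $request->isCustomer, $isAdmin, $check, $ownerId);

        return 'Success!';
    }

    /**
     * Delete a contact and its employer/customer link rows.
     * Route: /api/rpc/invoice/contacts/delete
     */
    public function deleteContact(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_mancontact');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $this->scopedTable('inv_contacts', $isAdmin, $check)->where('id', $request->id)->delete();
        $this->scopedTable('inv_employers', $isAdmin, $check)->where('contact_id', $request->id)->delete();
        $this->scopedTable('inv_clients', $isAdmin, $check)->where('contact_id', $request->id)->delete();

        return 'Done.';
    }

    // Invoices

    /**
     * List invoices. Administrators get a formatted overview of all invoices; other
     * callers get the raw rows of their own invoices.
     * Route: /api/rpc/invoice/invoices/getall
     *
     * Fix: the non-admin branch selected invoice columns from `inv_services`; it now
     * reads `inv_invoices`.
     */
    public function getInvoices(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        if (!$isAdmin) {
            return DB::table('inv_invoices')
                ->select('id', 'year', 'inv_number', 'revision', 'make_date')
                ->where('user_id', $check)
                ->get();
        }

        // Dates are rendered with the calling administrator's own company format.
        // NOTE(review): $format[0] fails when the caller has no inv_company row.
        $format = DB::table('inv_company')->select('date_format')->where('user_id', $check)->get();

        $invoices = DB::table('inv_invoices')
            ->select('id', 'user_id', 'employer', 'customer', 'year', 'inv_number', 'revision', 'make_date')
            ->get();

        $res = [];
        foreach ($invoices as $i) {
            // NOTE(review): three lookups per invoice; a join would avoid the N+1 pattern.
            $usr = DB::table('inv_contacts')->select('name', 'company_name')->where('user_id', $i->user_id)->first();
            $emp = DB::table('inv_contacts')->select('name', 'company_name')->where('id', $i->employer)->first();
            $cus = DB::table('inv_contacts')->select('name', 'company_name')->where('id', $i->customer)->first();

            $res[] = [
                'id' => $i->id,
                'employer' => $this->contactLabel($emp),
                'customer' => $this->contactLabel($cus),
                'user' => $this->contactLabel($usr),
                'invoice' => $this->invoiceLabel($i->year, $i->inv_number, $i->revision),
                'date' => strftime($format[0]->date_format, $i->make_date),
            ];
        }

        return $res;
    }

    /**
     * Fetch one invoice with its owner, company, employer, customer and items.
     * Route: /api/rpc/invoice/invoices/get/id
     *
     * Fixes: the non-admin branch read `$u->user_id` although `$u` was only set for
     * administrators; both branches now share one code path keyed on the owner id.
     * An id that does not exist, or is not visible to the caller, yields
     * 'Permission denied.' instead of an error on `$invoice[0]`.
     */
    public function getInvoice($id, Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $invoice = $this->scopedTable('inv_invoices', $isAdmin, $check)
            ->select('id', 'user_id', 'employer', 'customer', 'year', 'inv_number', 'revision', 'make_date')
            ->where('id', $id)
            ->first();
        if ($invoice === null) {
            return 'Permission denied.';
        }

        // Related rows are always read in the invoice owner's scope.
        $ownerId = $isAdmin ? $invoice->user_id : $check;

        // NOTE(review): $format[0] fails when the owner has no inv_company row.
        $format = DB::table('inv_company')->select('date_format')->where('user_id', $ownerId)->get();
        $dateFormat = $format[0]->date_format;

        $contactColumns = ['id', 'company_name', 'name', 'address', 'postcode', 'town', 'country', 'phone', 'website', 'email', 'custom'];

        // NOTE(review): the owner's own contact is looked up with contact id == user id;
        // confirm that contacts are created with that convention.
        $self = DB::table('inv_contacts')
            ->select($contactColumns)
            ->where('id', $ownerId)
            ->where('user_id', $ownerId)
            ->get();
        $cus = DB::table('inv_contacts')
            ->select($contactColumns)
            ->where('id', $invoice->customer)
            ->where('user_id', $ownerId)
            ->get();
        $emp = DB::table('inv_contacts')
            ->select($contactColumns)
            ->where('id', $invoice->employer)
            ->where('user_id', $ownerId)
            ->get();
        $com = DB::table('inv_company')
            ->select('id', 'name', 'compreg', 'taxnr', 'bank_number', 'bank_name', 'bank_recipient', 'logo', 'payterm', 'comment1', 'comment2')
            ->where('user_id', $ownerId)
            ->get();

        $inv = [[
            'id' => $id,
            'user_id' => $ownerId,
            'invoice_year' => strftime('%Y', $invoice->make_date),
            'invoice_month' => strftime('%B', $invoice->make_date),
            'invoice_date' => strftime($dateFormat, $invoice->make_date),
            'invoice' => $this->invoiceLabel($invoice->year, $invoice->inv_number, $invoice->revision),
        ]];

        $items = DB::table('inv_invoice_items')
            ->join('inv_services', 'inv_services.id', 'inv_invoice_items.service_id')
            ->where('inv_invoice_items.invoice_id', $id)
            ->where('inv_invoice_items.user_id', $ownerId)
            ->get([
                'inv_invoice_items.id as id',
                'inv_services.id as service_id',
                'inv_services.name',
                'inv_services.rate',
                'inv_invoice_items.from_time',
                'inv_invoice_items.to_time',
            ]);

        $des = [];
        foreach ($items as $j) {
            $des[] = [
                'id' => $j->id,
                'service_id' => $j->service_id,
                'name' => $j->name,
                'rate' => $j->rate,
                'work_date' => strftime($dateFormat, $j->from_time),
                'from_time' => strftime('%H:%M', $j->from_time),
                'from_time_unix' => $j->from_time,
                // Milliseconds, as used by the JavaScript Date constructor.
                'from_time_js' => $j->from_time * 1000,
                'to_time' => strftime('%H:%M', $j->to_time),
                'to_time_unix' => $j->to_time,
                'to_time_js' => $j->to_time * 1000,
            ];
        }

        return [
            'invoice' => $inv,
            'user' => $self,
            'company' => $com,
            'employer' => $emp,
            'customer' => $cus,
            'items' => $des,
        ];
    }

    /**
     * Add an item to an invoice.
     * Route: /api/rpc/invoice/invoices/newitem
     *
     * Added check: a non-admin caller must own the invoice named in `inv`; the
     * original accepted any invoice id.
     */
    public function newInvoiceItem(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        if (!$isAdmin) {
            $owned = DB::table('inv_invoices')->where('id', $request->inv)->where('user_id', $check)->count();
            if ($owned == 0) {
                return 'Permission denied.';
            }
        }

        DB::table('inv_invoice_items')->insert([
            'user_id' => $isAdmin ? $request->user_id : $check,
            'invoice_id' => $request->inv,
            'service_id' => $request->service_id,
            'from_time' => $request->from_time,
            'to_time' => $request->to_time,
        ]);

        return 'Success!';
    }

    /**
     * Create an invoice numbered after the owner's existing invoices of this year.
     * Route: /api/rpc/invoice/invoices/new
     *
     * @return int|string New invoice id, or an error string.
     */
    public function newInvoice(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $ownerId = $isAdmin ? $request->user_id : $check;
        $year = date('Y');

        // NOTE(review): count()+1 repeats a number after a deletion and is not safe
        // against two concurrent requests; a unique index or a locked counter row
        // would make invoice numbers reliable.
        $lastInv = DB::table('inv_invoices')
            ->where('year', $year)
            ->where('user_id', $ownerId)
            ->count();

        return DB::table('inv_invoices')->insertGetId([
            'user_id' => $ownerId,
            'customer' => $request->customer,
            'employer' => $request->employer,
            'year' => $year,
            'inv_number' => $lastInv + 1,
            'revision' => 0,
            'make_date' => time(),
        ]);
    }

    /**
     * Update one item of an invoice.
     * Route: /api/rpc/invoice/invoices/edititem
     *
     * Returns 'Success!' like the other edit endpoints; the original returned nothing.
     */
    public function editInvoiceItem(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $this->scopedTable('inv_invoice_items', $isAdmin, $check)
            ->where('id', $request->id)
            ->where('invoice_id', $request->inv)
            ->update([
                'service_id' => $request->service_id,
                'from_time' => $request->from_time,
                'to_time' => $request->to_time,
            ]);

        return 'Success!';
    }

    /**
     * Change customer/employer of an invoice and bump its revision.
     * Route: /api/rpc/invoice/invoices/edit
     *
     * Fix: the revision was read without an owner filter and `$rev[0]` failed for an
     * unknown id; an invoice the caller cannot see now yields 'Permission denied.'.
     */
    public function editInvoice(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $current = $this->scopedTable('inv_invoices', $isAdmin, $check)
            ->select('revision')
            ->where('id', $request->id)
            ->first();
        if ($current === null) {
            return 'Permission denied.';
        }

        $changes = [
            'customer' => $request->customer,
            'employer' => $request->employer,
            'revision' => $current->revision + 1,
        ];
        if ($isAdmin) {
            $changes = ['user_id' => $request->user_id] + $changes;
        }

        $this->scopedTable('inv_invoices', $isAdmin, $check)->where('id', $request->id)->update($changes);

        return 'Success!';
    }

    /**
     * Delete an invoice row. Rows in inv_invoice_items are not touched here.
     * Route: /api/rpc/invoice/invoices/delete
     */
    public function deleteInvoice(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $this->scopedTable('inv_invoices', $isAdmin, $check)->where('id', $request->id)->delete();

        return 'Done.';
    }

    // Periods

    /**
     * List periods; `user_id` is only returned to administrators.
     * Route: /api/rpc/invoice/periods/getall
     */
    public function getPeriods(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $columns = $isAdmin
            ? ['id', 'user_id', 'name', 'price', 'intervals', 'period']
            : ['id', 'name', 'price', 'intervals', 'period'];

        return $this->scopedTable('inv_periods', $isAdmin, $check)->select($columns)->get();
    }

    /**
     * Fetch one period by id.
     * Route: /api/rpc/invoice/periods/get/id
     */
    public function getPeriod($id, Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $columns = $isAdmin
            ? ['id', 'user_id', 'name', 'price', 'intervals', 'period']
            : ['id', 'name', 'price', 'intervals', 'period'];

        return $this->scopedTable('inv_periods', $isAdmin, $check)->select($columns)->where('id', $id)->get();
    }

    /**
     * Create a period.
     * Route: /api/rpc/invoice/periods/new
     *
     * @return int|string New row id, or an error string.
     */
    public function newPeriod(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        return DB::table('inv_periods')->insertGetId([
            'user_id' => $isAdmin ? $request->user_id : $check,
            'name' => $request->name,
            'price' => $request->price,
            'intervals' => $request->intervals,
            'period' => $request->period,
        ]);
    }

    /**
     * Update a period; only administrators may reassign `user_id`.
     * Route: /api/rpc/invoice/periods/edit
     */
    public function editPeriod(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $changes = [
            'name' => $request->name,
            'price' => $request->price,
            'intervals' => $request->intervals,
            'period' => $request->period,
        ];
        if ($isAdmin) {
            $changes = ['user_id' => $request->user_id] + $changes;
        }

        $this->scopedTable('inv_periods', $isAdmin, $check)->where('id', $request->id)->update($changes);

        return 'Success!';
    }

    /**
     * Delete a period by id.
     * Route: /api/rpc/invoice/periods/delete
     */
    public function deletePeriod(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $this->scopedTable('inv_periods', $isAdmin, $check)->where('id', $request->id)->delete();

        return 'Done.';
    }

    // Products

    /**
     * List products; `user_id` is only returned to administrators.
     * Route: /api/rpc/invoice/products/getall
     */
    public function getProducts(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $columns = $isAdmin ? ['id', 'user_id', 'name', 'price'] : ['id', 'name', 'price'];

        return $this->scopedTable('inv_products', $isAdmin, $check)->select($columns)->get();
    }

    /**
     * Fetch one product by id.
     * Route: /api/rpc/invoice/products/get/id
     */
    public function getProduct($id, Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $columns = $isAdmin ? ['id', 'user_id', 'name', 'price'] : ['id', 'name', 'price'];

        return $this->scopedTable('inv_products', $isAdmin, $check)->select($columns)->where('id', $id)->get();
    }

    /**
     * Create a product.
     * Route: /api/rpc/invoice/products/new
     *
     * @return int|string New row id, or an error string.
     */
    public function newProduct(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        return DB::table('inv_products')->insertGetId([
            'user_id' => $isAdmin ? $request->user_id : $check,
            'name' => $request->name,
            'price' => $request->price,
        ]);
    }

    /**
     * Update a product; only administrators may reassign `user_id`.
     * Route: /api/rpc/invoice/products/edit
     */
    public function editProduct(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $changes = ['name' => $request->name, 'price' => $request->price];
        if ($isAdmin) {
            $changes = ['user_id' => $request->user_id] + $changes;
        }

        $this->scopedTable('inv_products', $isAdmin, $check)->where('id', $request->id)->update($changes);

        return 'Success!';
    }

    /**
     * Delete a product by id.
     * Route: /api/rpc/invoice/products/delete
     */
    public function deleteProduct(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $this->scopedTable('inv_products', $isAdmin, $check)->where('id', $request->id)->delete();

        return 'Done.';
    }

    // Services

    /**
     * List services; `user_id` is only returned to administrators.
     * Route: /api/rpc/invoice/services/getall
     */
    public function getServices(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $columns = $isAdmin ? ['id', 'user_id', 'name', 'price'] : ['id', 'name', 'price'];

        return $this->scopedTable('inv_services', $isAdmin, $check)->select($columns)->get();
    }

    /**
     * Fetch one service by id. Unlike the other getters this returns every column.
     * Route: /api/rpc/invoice/services/get/id
     */
    public function getService($id, Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        return $this->scopedTable('inv_services', $isAdmin, $check)->select('*')->where('id', $id)->get();
    }

    /**
     * Create a service.
     * Route: /api/rpc/invoice/services/new
     *
     * @return int|string New row id, or an error string.
     */
    public function newService(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        return DB::table('inv_services')->insertGetId([
            'user_id' => $isAdmin ? $request->user_id : $check,
            'name' => $request->name,
            'price' => $request->price,
        ]);
    }

    /**
     * Update a service; only administrators may reassign `user_id`.
     * Route: /api/rpc/invoice/services/edit
     */
    public function editService(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        // For non-admin callers the owner filter already pins user_id to $check, so
        // writing it again (as the original did) is not needed.
        $changes = ['name' => $request->name, 'price' => $request->price];
        if ($isAdmin) {
            $changes = ['user_id' => $request->user_id] + $changes;
        }

        $this->scopedTable('inv_services', $isAdmin, $check)->where('id', $request->id)->update($changes);

        return 'Success!';
    }

    /**
     * Delete a service by id.
     * Route: /api/rpc/invoice/services/delete
     */
    public function deleteService(Request $request)
    {
        $caller = $this->resolveCaller($request, 'inv_makeinvoice');
        if (is_string($caller)) {
            return $caller;
        }
        list($check, $isAdmin) = $caller;

        $this->scopedTable('inv_services', $isAdmin, $check)->where('id', $request->id)->delete();

        return 'Done.';
    }
}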