Add UUID validation and order status reload functionality; enhance admin manager retrieval and update order status logic

application/controllers/admin.php

@@ -151,6 +151,11 @@ class admin extends Controller {
             $model->set_notifications($_REQUEST['id']);
             exit;
         }
+
+        if ($action=='setcreator') {
+            $model->updateAdminCreator();
+            exit;
+        }
         
         if ($action=='show') {
             $view->set('active',$model->loadAdmin());
@@ -170,7 +175,11 @@ class admin extends Controller {
         }
 
         $view->set('hotels', $api->getAllPartner(true));
-        
+
+        if ($_SESSION['access_level'] == 11) {
+            $view->set('managers', $model->getHotelManagers());
+        }
+
         $view->render();
     }
     
@@ -310,7 +319,37 @@ class admin extends Controller {
         if ($action=='set') {
             $model->setOrderState($_REQUEST['id'],$_REQUEST['state']);
         }
-        
+
+        if ($action=='reloadstatus') {
+            $uuid = $_REQUEST['uuid'];
+            $order_id = $_REQUEST['order_id'];
+
+            $result = $api->getTransactionStatusFromSimplePay($uuid);
+
+            if (!empty($result['data'])) {
+                $status = isset($result['data']['status']) ? $result['data']['status'] : '';
+                $resultCode = isset($result['data']['resultCode']) ? $result['data']['resultCode'] : '';
+                $errorMessage = '';
+
+                if ($resultCode != '') {
+                    $errorMessage = admin_utils::getSystemParam($resultCode);
+                    if ($errorMessage === false) $errorMessage = '';
+                }
+
+                $model->updateOrderStatus($order_id, $status, $resultCode, $errorMessage);
+
+                echo json_encode(array(
+                    'success' => true,
+                    'status' => $status,
+                    'error_code' => $resultCode,
+                    'error_message' => $errorMessage
+                ));
+            } else {
+                echo json_encode(array('success' => false));
+            }
+            exit();
+        }
+
         $orders = $model->getOrders();
         $hotels = $api->getHotels(true);
         foreach ($orders as $order) {

application/controllers/api.php

@@ -199,4 +199,9 @@ class api extends Controller {
     echo json_encode($response);
   }
 
+  public function frontendValidateUUID() {
+    $model = $this->loadModel('api_model');
+    echo json_encode($model->validateUUID($_REQUEST['uuid']));
+  }
+
 }

application/models/admin_admins_model.php

@@ -94,6 +94,22 @@ class admin_admins_model extends Model {
     }
     
     
+    public function getHotelManagers() {
+        $result = $this->query("select admin_id, admin_real_name, admin_name from azonics_admin_users where admin_access_level='13' and admin_status<>'2' order by admin_real_name asc;");
+        if (sizeof($result)>0) {
+            return $result;
+        }
+        return array();
+    }
+
+
+    public function updateAdminCreator() {
+        $data = $this->escapeArray($_REQUEST);
+        $this->execute("update azonics_admin_users set admin_creator='".$data['admin_creator']."' where admin_id='".$data['admin_id']."';");
+        return true;
+    }
+
+
     public function deleteAdmin() {
         $data = $this->escapeArray($_REQUEST);
         $this->execute("update azonics_admin_users set admin_status='2' where admin_id='".$data['id']."';");

application/models/admin_orders_model.php

@@ -4,17 +4,17 @@ class admin_orders_model extends Model {
     
     
     public function getOrders() {
-        if ($_SESSION['access_level'] == 13) {
+        if ($_SESSION['access_level'] == 13 || $_SESSION['access_level'] == 14) {
             $hotels = unserialize($_SESSION['admin_user']->admin_dashboard);
             foreach ($hotels as $hotel) {
                 $list[] = str_replace("hotel_", "", $hotel);
             }
             $result = $this->query("SELECT * FROM azonics_orders WHERE order_uuid != '' AND order_hotel IN ('".implode("','",$list)."') ORDER BY order_date DESC;");
         }
-        elseif ($_SESSION['access_level'] == 14) {
+        /*elseif ($_SESSION['access_level'] == 14) {
             $user = $_SESSION['admin_user']->admin_name;
             $result = $this->query("SELECT * FROM azonics_orders WHERE order_uuid != '' AND order_sales='".$user."' ORDER BY order_date DESC;");
-        }
+        }*/
         else {
             $result = $this->query("SELECT * FROM azonics_orders WHERE order_uuid != '' ORDER BY order_date DESC;");
         }
@@ -56,6 +56,20 @@ class admin_orders_model extends Model {
     }
     
     
+    public function updateOrderStatus($order_id, $auth_code, $error_code, $error_message) {
+        $order_id = $this->escapeString($order_id);
+        $auth_code = $this->escapeString($auth_code);
+        $error_code = $this->escapeString($error_code);
+        $error_message = $this->escapeString($error_message);
+        $this->execute("UPDATE azonics_orders SET
+            order_auth_code = '".$auth_code."',
+            order_error_code = '".$error_code."',
+            order_error_message = '".$error_message."'
+            WHERE order_id = '".$order_id."';");
+        return true;
+    }
+
+
     public function setOrderState($id,$state) {
         $id = $this->escapeString($id);
         $state = $this->escapeString($state);

application/models/api_model.php

@@ -3,8 +3,8 @@
 class api_model extends Model {
 
   //private $API = 'https://szollosil.bbus.smbinfo.hu/api/index.php';
-  //private $API = 'https://hoponticket.com/api/index.php';
-  private $API = 'https://php82fpm.umsbox.hu/api/index.php';
+  private $API = 'https://hoponticket.com/api/index.php';
+  //private $API = 'https://php82fpm.umsbox.hu/api/index.php';
 
   private $API_KEY = '92JxvN5Zeti4E1FDwKg0QPEl3md4vY63';
 
@@ -896,6 +896,52 @@ class api_model extends Model {
     return $response;
   }
 
+  public function getTransactionStatusFromSimplePay($uuid) {
+    $curl = curl_init();
+
+    curl_setopt_array($curl, array(
+      CURLOPT_URL => $this->API.'/affiliateapi/getTransactionStatusFromSimplePay?uuid='.$uuid,
+      CURLOPT_RETURNTRANSFER => true,
+      CURLOPT_ENCODING => '',
+      CURLOPT_MAXREDIRS => 10,
+      CURLOPT_TIMEOUT => 0,
+      CURLOPT_FOLLOWLOCATION => true,
+      CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+      CURLOPT_CUSTOMREQUEST => 'GET',
+      CURLOPT_HTTPHEADER => array(
+        'DOLAPIKEY: '.$this->API_KEY
+      ),
+    ));
+    $response = curl_exec($curl);
+    curl_close($curl);
+    $response = json_decode($response, true);
+    return $response;
+  }
+
+  public function validateUUID($uuid) {
+    $curl = curl_init();
+
+    curl_setopt_array($curl, array(
+      CURLOPT_URL => $this->API.'/affiliateapi/CheckUUIDValidation?uuid='.$uuid,
+      CURLOPT_RETURNTRANSFER => true,
+      CURLOPT_ENCODING => '',
+      CURLOPT_MAXREDIRS => 10,
+      CURLOPT_TIMEOUT => 0,
+      CURLOPT_FOLLOWLOCATION => true,
+      CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+      CURLOPT_CUSTOMREQUEST => 'GET',
+      CURLOPT_HTTPHEADER => array(
+        'DOLAPIKEY: '.$this->API_KEY
+      ),
+    ));
+    $response = curl_exec($curl);
+    print_r($response);
+    die();
+    curl_close($curl);
+    $response = json_decode($response, true);
+    return $response;
+  }
+
   public function authenticateUser($username, $password) {
     $row = $this->query("SELECT * FROM `azonics_admin_users` WHERE admin_pass='".$password."' AND (admin_email='".$username."' OR admin_name='".$username."') AND admin_status='1';");
     if (count($row) == 0) {

application/views/admin_admins.php

@@ -13,7 +13,7 @@
     </section>
     
     <section class="content">
-    <div class="row"><div class="col-lg-6">
+    <div class="row"><div class="col-lg-8">
         <div class="box box-info">
             <div class="box-header with-border">
                 <h3 class="box-title"><?=lang::_('List of users')?></h3>
@@ -24,20 +24,19 @@
                     <table id="mytable6" class="table table-bordered table-hover dataTable table-striped data-list">
                         <thead>
                             <tr>
-                                <th style="width: 20px;">Értesítés</th>
-                                <th><?=lang::_('Avatar')?></th>
                                 <th><?=lang::_('Username')?></th>
                                 <th><?=lang::_('Name')?></th>
                                 <th><?=lang::_('Access level')?></th>
                                 <th><?=lang::_('Hotel')?></th>
+                                <?php if ($_SESSION['access_level'] == 11) : ?>
+                                <th><?=lang::_('Létrehozó')?></th>
+                                <?php endif; ?>
                                 <th>&nbsp;</th>
                             </tr>
                         </thead>
                         <tbody>
                             <?php foreach ($admins as $admin) : ?>
                             <tr>
-                                <td><input type="checkbox" name="ertesites" value="y" id="ertesites" onclick="set_admin_email_notifications($(this),'<?=$admin->admin_id?>')"<?php if ($admin->admin_notifications=='y') echo ' checked'; ?>></td>
-                                <td><?php if ($admin->admin_avatar!='') : ?><img src="<?php echo BASE_URL; ?><?=$admin->admin_avatar?>" alt="<?=$admin->admin_real_name?>" class="avatar-thumb" /><?php endif; ?></td>
                                 <td><?=$admin->admin_name?></td>
                                 <td><?=$admin->admin_real_name?></td>
                                 <td><?=admin_utils::getAccessLevelName($admin->admin_access_level)?></td>
@@ -54,6 +53,27 @@
                                     }
                                     ?>
                                 </td>
+                                <?php if ($_SESSION['access_level'] == 11) : ?>
+                                <td>
+                                    <?php
+                                    if ($admin->admin_creator == 0 || $admin->admin_creator == 1 || $admin->admin_creator == 11) {
+                                        echo 'Superuser';
+                                    } else {
+                                        $creatorFound = false;
+                                        if (isset($managers)) {
+                                            foreach ($managers as $manager) {
+                                                if ($manager->admin_id == $admin->admin_creator) {
+                                                    echo $manager->admin_real_name != '' ? $manager->admin_real_name : $manager->admin_name;
+                                                    $creatorFound = true;
+                                                    break;
+                                                }
+                                            }
+                                        }
+                                        if (!$creatorFound) echo 'Superuser';
+                                    }
+                                    ?>
+                                </td>
+                                <?php endif; ?>
                                 <td style="width: 85px; min-width: 85px; max-width: 85px;">
                                     <div class="btn-group">
                                         <button type="button" style="border: none; margin-right: 2px;" onclick="window.location='/admin/admins/show/?id=<?=$admin->admin_id?>#editor';" class="btn btn-flat btn-warning"><i class="fa fa-pencil"></i></button>
@@ -71,7 +91,7 @@
         </div>
     </div>
         
-    <div class="col-lg-6">
+    <div class="col-lg-4">
         <div class="callout callout-success<?php if (!$error) echo ' message-hide';?>" style="">
             <button type="button" class="close" onclick="javascript: $(this).parent('div').fadeOut('fast');">×</button>
             <h4><i class="fa fa-check"></i>&nbsp;&nbsp;<?=lang::_('Yep, successfully saved!')?></h4>
@@ -90,7 +110,7 @@
                 <form role="form" id="adminEditor" action="/admin/admins/save/" method="post" autocomplete="off">
                     <input type="hidden" name="admin_id" value="<?=$active->admin_id?>" />
                     <div class="row">
-                        <div class="col-lg-6">
+                        <div class="col-lg-12">
                             <div class="form-group">
                                 <label for="admin_name"><?=lang::_('Username')?>: </label>
                                 <input type="text" name="admin_name" autocomplete="off" value="<?=$active->admin_name?>" class="form-control" id="admin_name" data-validate="true" />
@@ -117,8 +137,19 @@
                                     <?=admin_utils::getAdminAccessLevels($active->admin_access_level)?>
                                 </select>
                             </div>
+                            <?php if ($_SESSION['access_level'] == 11 && isset($managers)) : ?>
+                            <div class="form-group">
+                                <label for="admin_creator"><?=lang::_('Létrehozó')?>: </label>
+                                <select class="form-control" id="admin_creator" name="admin_creator" onchange="set_admin_creator('<?=$active->admin_id?>', this.value)">
+                                    <option value="0"<?php if (!$active->admin_creator || $active->admin_creator == 0 || $active->admin_creator == 1 || $active->admin_creator == 11) echo ' selected'; ?>>Superuser</option>
+                                    <?php foreach ($managers as $manager) : ?>
+                                    <option value="<?=$manager->admin_id?>"<?php if ($active->admin_creator == $manager->admin_id) echo ' selected'; ?>><?=$manager->admin_real_name != '' ? $manager->admin_real_name : $manager->admin_name?></option>
+                                    <?php endforeach; ?>
+                                </select>
+                            </div>
+                            <?php endif; ?>
                         </div>
-                        <div class="col-lg-6">
+                        <div class="col-lg-6" style="display: none;">
                             <input type="hidden" name="tempContainer" value="" id="tempContainer" />
                             <input type="hidden" name="placeHolderContainer" value="<?=BASE_URL.$active->admin_avatar?>" id="placeHolderContainer" />
                             <div class="image-editor" id="avatarImage">
@@ -218,7 +249,7 @@
                     <input type="hidden" name="selectedHotels" id="selectedHotels" value="" />
                     <div class="row">
                         <div class="col-lg-12">
-                            <button type="button" onclick="validateUser('#adminEditor','#avatarImage')" class="btn btn-success"><?=lang::_('Save user');?></button>
+                            <button type="button" onclick="validateUser('#adminEditor')" class="btn btn-success"><?=lang::_('Save user');?></button>
                         </div>
                     </div>
                 </form>

application/views/admin_orders.php

@@ -61,9 +61,15 @@
                                 <td><?=$order->order_customer_street?></td>
                                 <td><?=$order->order_customer_house?></td>
                                 <td><?=$order->order_transaction_id?></td>
-                                <td><?=$order->order_auth_code?></td>
-                                <td><?=$order->order_error_code?></td>
-                                <td><?=$order->order_error_message?></td>
+                                <td id="status_<?=$order->order_id?>">
+                                    <?php if (empty($order->order_auth_code)) : ?>
+                                        <button type="button" onclick="reloadOrderStatus('<?=$order->order_id?>','<?=$order->order_uuid?>');" class="btn btn-flat btn-danger btn-sm"><i class="fa fa-refresh"></i> Check</button>
+                                    <?php else : ?>
+                                        <?=$order->order_auth_code?>
+                                    <?php endif; ?>
+                                </td>
+                                <td id="errorcode_<?=$order->order_id?>"><?=$order->order_error_code?></td>
+                                <td id="errormsg_<?=$order->order_id?>"><?=$order->order_error_message?></td>
                                 <td><?=$order->order_customer_ip?></td>
                                 <td><?=$order->order_customer_browser?></td>
                                 <td>

static/js/admin_functions.js

@@ -17,6 +17,27 @@ function setOrderState(id,state) {
 }
 
 
+function reloadOrderStatus(orderId, uuid) {
+    if (orderId !== '' && uuid !== '') {
+        var btn = $('#status_' + orderId + ' button');
+        btn.prop('disabled', true);
+        btn.html('<i class="fa fa-circle-o-notch fa-spin"></i> Loading...');
+
+        $.post('/admin/orders/reloadstatus/', {order_id: orderId, uuid: uuid}, function(resp) {
+            var data = JSON.parse(resp);
+            if (data.success) {
+                $('#status_' + orderId).html(data.status);
+                $('#errorcode_' + orderId).html(data.error_code);
+                $('#errormsg_' + orderId).html(data.error_message);
+            } else {
+                btn.prop('disabled', false);
+                btn.html('<i class="fa fa-refresh"></i> Reload');
+            }
+        });
+    }
+}
+
+
 function validateForm(frm,cropper,cropper2) {
     var inputError = false;
     var selector = frm+' input[data-validate]';
@@ -1280,6 +1301,11 @@ function set_admin_email_notifications(obj,id) {
 }
 
 
+function set_admin_creator(admin_id, creator_id) {
+    $.post('/admin/admins/setcreator/',{admin_id: admin_id, admin_creator: creator_id},function(resp) {});
+}
+
+
 function add_new_referens() {
     $.get('/admin/ertekeles/referenskereses',function(resp) {
         $('#dialog').html(resp);