1 <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
   2 
   3 /**
   4  * Contains all the backend ajax calls.
   5  */
   6 class Backend_api extends CI_Controller {
   7     private $privileges;
   8     
   9     public function __construct() {
  10         parent::__construct();
  11         
  12         $this->load->library('session');
  13         $this->load->model('roles_model');
  14         $this->privileges = $this->roles_model->get_privileges($this->session->userdata('role_slug'));
  15         
  16         // Set user's selected language.        
  17         if ($this->session->userdata('language')) {
  18             $this->config->set_item('language', $this->session->userdata('language'));
  19             $this->lang->load('translations', $this->session->userdata('language'));
  20         } else {
  21             $this->lang->load('translations', $this->config->item('language')); // default
  22         }
  23     }
  24     
  25     /**
  26      * [AJAX] Get the registered appointments for the given date period and record.
  27      * 
  28      * This method returns the database appointments and unavailable periods for the 
  29      * user selected date period and record type (provider or service). 
  30      * 
  31      * @param {numeric} $_POST['record_id'] Selected record id. 
  32      * @param {string} $_POST['filter_type'] Could be either FILTER_TYPE_PROVIDER or FILTER_TYPE_SERVICE.
  33      * @param {string} $_POST['start_date'] The user selected start date.
  34      * @param {string} $_POST['end_date'] The user selected end date.
  35      */
  36     public function ajax_get_calendar_appointments() {
  37         try {
  38             if ($this->privileges[PRIV_APPOINTMENTS]['view'] == FALSE) {
  39                 throw new Exception('You do not have the required privileges for this task.');
  40             }
  41             
  42             $this->load->model('appointments_model');
  43             $this->load->model('providers_model');
  44             $this->load->model('services_model');
  45             $this->load->model('customers_model');
  46             
  47             if ($_POST['filter_type'] == FILTER_TYPE_PROVIDER) {
  48                 $where_id = 'id_users_provider';
  49             } else { 
  50                 $where_id = 'id_services';
  51             }            
  52             
  53             // Get appointments
  54             $where_clause = array(
  55                 $where_id => $_POST['record_id'],
  56                 //'start_datetime >=' => $_POST['start_date'],
  57                 //'end_datetime <=' => $_POST['end_date'],
  58                 'is_unavailable' => FALSE
  59             );
  60             
  61             $response['appointments'] = $this->appointments_model->get_batch($where_clause);
  62 
  63             foreach($response['appointments'] as &$appointment) {
  64                 $appointment['provider'] = $this->providers_model->get_row($appointment['id_users_provider']);
  65                 $appointment['service'] = $this->services_model->get_row($appointment['id_services']);
  66                 $appointment['customer'] = $this->customers_model->get_row($appointment['id_users_customer']);
  67             }
  68             
  69             // Get unavailable periods (only for provider).
  70             if ($_POST['filter_type'] == FILTER_TYPE_PROVIDER) {
  71                 $where_clause = array(
  72                     $where_id => $_POST['record_id'],
  73                     //'start_datetime >=' => $_POST['start_date'],
  74                     //'end_datetime <=' => $_POST['end_date'],
  75                     'is_unavailable' => TRUE
  76                 );
  77                 
  78                 $response['unavailables'] = $this->appointments_model->get_batch($where_clause);
  79             }
  80                 
  81             echo json_encode($response);
  82             
  83         } catch(Exception $exc) {
  84             echo json_encode(array(
  85                 'exceptions' => array(exceptionToJavaScript($exc))
  86             ));
  87         }
  88     }
  89     
  90     /**
  91      * [AJAX] Save appointment changes that are made from the backend calendar
  92      * page.
  93      * 
  94      * @param array $_POST['appointment_data'] (OPTIONAL) Array with the 
  95      * appointment data.
  96      * @param array $_POST['customer_data'] (OPTIONAL) Array with the customer 
  97      * data.
  98      */
  99     public function ajax_save_appointment() {
 100         try {
 101             $this->load->model('appointments_model');
 102             $this->load->model('providers_model');
 103             $this->load->model('services_model');
 104             $this->load->model('customers_model');
 105             $this->load->model('settings_model');
 106             
 107             // :: SAVE CUSTOMER CHANGES TO DATABASE
 108             if (isset($_POST['customer_data'])) {
 109                 $customer = json_decode(stripcslashes($_POST['customer_data']), true);
 110                 
 111                 $REQUIRED_PRIV = (!isset($customer['id'])) 
 112                         ? $this->privileges[PRIV_CUSTOMERS]['add'] 
 113                         : $this->privileges[PRIV_CUSTOMERS]['edit'];
 114                 if ($REQUIRED_PRIV == FALSE) {
 115                     throw new Exception('You do not have the required privileges for this task.');
 116                 }
 117                 
 118                 $customer['id'] = $this->customers_model->add($customer);
 119             }
 120             
 121             // :: SAVE APPOINTMENT CHANGES TO DATABASE
 122             if (isset($_POST['appointment_data'])) {
 123                 $appointment = json_decode(stripcslashes($_POST['appointment_data']), true);
 124                 
 125                 $REQUIRED_PRIV = (!isset($appointment['id'])) 
 126                         ? $this->privileges[PRIV_APPOINTMENTS]['add'] 
 127                         : $this->privileges[PRIV_APPOINTMENTS]['edit'];
 128                 if ($REQUIRED_PRIV == FALSE) {
 129                     throw new Exception('You do not have the required privileges for this task.');
 130                 }
 131                 
 132                 $manage_mode = isset($appointment['id']);
 133                 // If the appointment does not contain the customer record id, then it 
 134                 // means that is is going to be inserted. Get the customer's record id.
 135                 if (!isset($appointment['id_users_customer'])) {
 136                     $appointment['id_users_customer'] = $customer['id'];
 137                 }
 138                 
 139                 $appointment['id'] = $this->appointments_model->add($appointment);
 140             }
 141             
 142             $appointment = $this->appointments_model->get_row($appointment['id']);
 143             $provider = $this->providers_model->get_row($appointment['id_users_provider']);
 144             $customer = $this->customers_model->get_row($appointment['id_users_customer']);
 145             $service = $this->services_model->get_row($appointment['id_services']);
 146             
 147             $company_settings = array(
 148                 'company_name' => $this->settings_model->get_setting('company_name'),
 149                 'company_link' => $this->settings_model->get_setting('company_link'),
 150                 'company_email' => $this->settings_model->get_setting('company_email')
 151             );
 152             
 153             // :: SYNC APPOINTMENT CHANGES WITH GOOGLE CALENDAR
 154             try {
 155                 $google_sync = $this->providers_model->get_setting('google_sync', 
 156                         $appointment['id_users_provider']);
 157 
 158                 if ($google_sync == TRUE) {
 159                     $google_token = json_decode($this->providers_model->get_setting('google_token', 
 160                             $appointment['id_users_provider']));
 161 
 162                     $this->load->library('Google_Sync');
 163                     $this->google_sync->refresh_token($google_token->refresh_token);
 164 
 165                     if ($appointment['id_google_calendar'] == NULL) {
 166                         $google_event = $this->google_sync->add_appointment($appointment, $provider, 
 167                                 $service, $customer, $company_settings);
 168                         $appointment['id_google_calendar'] = $google_event->id;
 169                         $this->appointments_model->add($appointment); // Store google calendar id.
 170                     } else {
 171                         $this->google_sync->update_appointment($appointment, $provider, 
 172                                 $service, $customer, $company_settings);
 173                     }
 174                 }
 175             } catch(Exception $exc) {
 176                 $warnings[] = exceptionToJavaScript($exc);
 177             }
 178             
 179             // :: SEND EMAIL NOTIFICATIONS TO PROVIDER AND CUSTOMER
 180             try {
 181                 $this->load->library('Notifications');
 182                 
 183                 $send_provider = $this->providers_model
 184                             ->get_setting('notifications', $provider['id']);
 185                 
 186                 if (!$manage_mode) {
 187                     $customer_title = $this->lang->line('appointment_booked');
 188                     $customer_message = $this->lang->line('thank_your_for_appointment');
 189                     $customer_link = $this->config->item('base_url') . '/appointments/index/' 
 190                             . $appointment['hash'];
 191 
 192                     $provider_title = $this->lang->line('appointment_added_to_your_plan');
 193                     $provider_message = $this->lang->line('appointment_link_description');
 194                     $provider_link = $this->config->item('base_url') . '/backend/index/' 
 195                             . $appointment['hash'];
 196                 } else {
 197                     $customer_title = $this->lang->line('appointment_changes_saved');
 198                     $customer_message = '';
 199                     $customer_link = $this->config->item('base_url') . '/appointments/index/' 
 200                             . $appointment['hash'];
 201 
 202                     $provider_title = $this->lang->line('appointment_details_changed');
 203                     $provider_message = '';
 204                     $provider_link = $this->config->item('base_url') . '/backend/index/' 
 205                             . $appointment['hash'];
 206                 }
 207             
 208                 $this->notifications->send_appointment_details($appointment, $provider,
 209                         $service, $customer, $company_settings, $customer_title, 
 210                         $customer_message, $customer_link, $customer['email']);
 211 
 212                 if ($send_provider == TRUE) {
 213                     $this->notifications->send_appointment_details($appointment, $provider,
 214                             $service, $customer, $company_settings, $provider_title, 
 215                             $provider_message, $provider_link, $provider['email']);
 216                 }
 217                 
 218             } catch(Exception $exc) {
 219                 $warnings[] = exceptionToJavaScript($exc);
 220             }
 221             
 222             if (!isset($warnings)) {
 223                 echo json_encode(AJAX_SUCCESS);
 224             } else {
 225                 echo json_encode(array(
 226                     'warnings' => $warnings
 227                 ));
 228             }
 229         } catch(Exception $exc) {
 230             echo json_encode(array(
 231                 'exceptions' => array(exceptionToJavaScript($exc))
 232             ));
 233         }
 234     }
 235     
 236     /**
 237      * [AJAX] Delete appointment from the database.
 238      * 
 239      * This method deletes an existing appointment from the database. Once this 
 240      * action is finished it cannot be undone. Notification emails are send to both
 241      * provider and customer and the delete action is executed to the Google Calendar 
 242      * account of the provider, if the "google_sync" setting is enabled.
 243      * 
 244      * @param int $_POST['appointment_id'] The appointment id to be deleted.
 245      */
 246     public function ajax_delete_appointment() {    
 247         try {
 248             if ($this->privileges[PRIV_APPOINTMENTS]['delete'] == FALSE) {
 249                 throw new Exception('You do not have the required privileges for this task.');
 250             }
 251             
 252             if (!isset($_POST['appointment_id'])) {
 253                 throw new Exception('No appointment id provided.');
 254             }
 255             
 256             // :: STORE APPOINTMENT DATA FOR LATER USE IN THIS METHOD
 257             $this->load->model('appointments_model');
 258             $this->load->model('providers_model');
 259             $this->load->model('customers_model');
 260             $this->load->model('services_model');
 261             $this->load->model('settings_model');
 262 
 263             $appointment = $this->appointments_model->get_row($_POST['appointment_id']);
 264             $provider = $this->providers_model->get_row($appointment['id_users_provider']);
 265             $customer = $this->customers_model->get_row($appointment['id_users_customer']);
 266             $service = $this->services_model->get_row($appointment['id_services']);
 267 
 268             $company_settings = array(
 269                 'company_name' => $this->settings_model->get_setting('company_name'),
 270                 'company_email' => $this->settings_model->get_setting('company_email'),
 271                 'company_link' => $this->settings_model->get_setting('company_link')
 272             );
 273             
 274             // :: DELETE APPOINTMENT RECORD FROM DATABASE
 275             $this->appointments_model->delete($_POST['appointment_id']);
 276             
 277             // :: SYNC DELETE WITH GOOGLE CALENDAR
 278             if ($appointment['id_google_calendar'] != NULL) {
 279                 try {
 280                     $google_sync = $this->providers_model->get_setting('google_sync', $provider['id']);
 281 
 282                     if ($google_sync == TRUE) {
 283                         $google_token = json_decode($this->providers_model
 284                                 ->get_setting('google_token', $provider['id']));
 285                         $this->load->library('Google_Sync');
 286                         $this->google_sync->refresh_token($google_token->refresh_token);
 287                         $this->google_sync->delete_appointment($provider, $appointment['id_google_calendar']);
 288                     }    
 289                 } catch(Exception $exc) {
 290                     $warnings[] = exceptionToJavaScript($exc);
 291                 }
 292             }
 293             
 294             // :: SEND NOTIFICATION EMAILS TO PROVIDER AND CUSTOMER
 295             try {
 296                 $this->load->library('Notifications');
 297                 
 298                 $send_provider = $this->providers_model
 299                             ->get_setting('notifications', $provider['id']);
 300                 
 301                 if ($send_provider == TRUE) {
 302                     $this->notifications->send_delete_appointment($appointment, $provider, 
 303                             $service, $customer, $company_settings, $provider['email'],
 304                             $_POST['delete_reason']);
 305                 }
 306                 
 307                 $this->notifications->send_delete_appointment($appointment, $provider,
 308                         $service, $customer, $company_settings, $customer['email'],
 309                         $_POST['delete_reason']);
 310             } catch(Exception $exc) {
 311                 $warnings[] = exceptionToJavaScript($exc);
 312             }
 313             
 314             // :: SEND RESPONSE TO CLIENT BROWSER
 315             if (!isset($warnings)) {
 316                 echo json_encode(AJAX_SUCCESS); // Everything executed successfully.
 317             } else {
 318                 echo json_encode(array(
 319                     'warnings' => $warnings // There were warnings during the operation.
 320                 ));
 321             }
 322         } catch(Exception $exc) {
 323             echo json_encode(array(
 324                 'exceptions' => array(exceptionToJavaScript($exc))
 325             ));
 326         }
 327     }
 328     
 329     /**
 330      * [AJAX] Disable a providers sync setting.
 331      * 
 332      * This method deletes the "google_sync" and "google_token" settings from the 
 333      * database. After that the provider's appointments will be no longer synced 
 334      * with google calendar.
 335      * 
 336      * @param string $_POST['provider_id'] The selected provider record id.
 337      */
 338     public function ajax_disable_provider_sync() {
 339         try { 
 340             if (!isset($_POST['provider_id'])) 
 341                 throw new Exception('Provider id not specified.');
 342             
 343             
 344             if ($this->privileges[PRIV_USERS]['edit'] == FALSE
 345                     && $this->session->userdata('user_id') != $_POST['provider_id']) {
 346                 throw new Exception('You do not have the required privileges for this task.');
 347             }
 348             
 349             $this->load->model('providers_model');
 350             $this->load->model('appointments_model');
 351             $this->providers_model->set_setting('google_sync', FALSE, $_POST['provider_id']);
 352             $this->providers_model->set_setting('google_token', NULL, $_POST['provider_id']);
 353             $this->appointments_model->clear_google_sync_ids($_POST['provider_id']);
 354             
 355             echo json_encode(AJAX_SUCCESS);
 356             
 357         } catch(Exception $exc) {
 358             echo json_encode(array(
 359                 'exceptions' => array(exceptionToJavaScript($exc))
 360             ));
 361         }
 362     }
 363     
 364     /**
 365      * [AJAX] Filter the customer records with the given key string.
 366      * 
 367      * @param string $_POST['key'] The filter key string
 368      * @return array Returns the search results.
 369      */
 370     public function ajax_filter_customers() {
 371         try {
 372             if ($this->privileges[PRIV_CUSTOMERS]['view'] == FALSE) {
 373                 throw new Exception('You do not have the required privileges for this task.');
 374             }
 375             
 376             $this->load->model('appointments_model');
 377             $this->load->model('services_model');
 378             $this->load->model('providers_model');
 379             $this->load->model('customers_model');
 380             
 381             $key = $this->db->escape_str($_POST['key']); 
 382             
 383             $where_clause = 
 384                     '(first_name LIKE "%' . $key . '%" OR ' . 
 385                     'last_name LIKE "%' . $key . '%" OR ' . 
 386                     'email LIKE "%' . $key . '%" OR ' . 
 387                     'phone_number LIKE "%' . $key . '%" OR ' .
 388                     'address LIKE "%' . $key . '%" OR ' .
 389                     'city LIKE "%' . $key . '%" OR ' .
 390                     'zip_code LIKE "%' . $key . '%")';      
 391             
 392             $customers = $this->customers_model->get_batch($where_clause);
 393             
 394             foreach($customers as &$customer) {
 395                 $appointments = $this->appointments_model
 396                         ->get_batch(array('id_users_customer' => $customer['id']));
 397                 
 398                 foreach($appointments as &$appointment) {
 399                     $appointment['service'] = $this->services_model
 400                             ->get_row($appointment['id_services']);
 401                     $appointment['provider'] = $this->providers_model
 402                             ->get_row($appointment['id_users_provider']);
 403                 }
 404                 
 405                 $customer['appointments'] = $appointments;
 406             }
 407             
 408             echo json_encode($customers);
 409             
 410         } catch(Exception $exc) {
 411             echo json_encode(array(
 412                 'exceptions' => array(exceptionToJavaScript($exc))
 413             ));
 414         }
 415     }
 416     
 417     /**
 418      * [AJAX] Insert of update unavailable time period to database.
 419      * 
 420      * @param array $_POST['unavailable'] JSON encoded array that contains the unavailable 
 421      * period data.
 422      */
 423     public function ajax_save_unavailable() {
 424         try {
 425             // Check privileges
 426             $unavailable = json_decode($_POST['unavailable'], true);
 427             
 428             $REQUIRED_PRIV = (!isset($unavailable['id'])) 
 429                     ? $this->privileges[PRIV_APPOINTMENTS]['add'] 
 430                     : $this->privileges[PRIV_APPOINTMENTS]['edit'];
 431             if ($REQUIRED_PRIV == FALSE) {
 432                 throw new Exception('You do not have the required privileges for this task.');
 433             }
 434             
 435             $this->load->model('appointments_model');
 436             $this->load->model('providers_model');
 437             
 438             $provider = $this->providers_model->get_row($unavailable['id_users_provider']);
 439             
 440             // Add appointment
 441             $unavailable['id'] = $this->appointments_model->add_unavailable($unavailable); 
 442             $unavailable = $this->appointments_model->get_row($unavailable['id']); // fetch all inserted data
 443             
 444             // Google Sync
 445             try {
 446                 $google_sync = $this->providers_model->get_setting('google_sync', 
 447                         $unavailable['id_users_provider']);
 448                 
 449                 if ($google_sync) {
 450                     $google_token = json_decode($this->providers_model->get_setting('google_token',
 451                             $unavailable['id_users_provider']));
 452                     
 453                     $this->load->library('google_sync');
 454                     $this->google_sync->refresh_token($google_token->refresh_token);
 455                     
 456                     if ($unavailable['id_google_calendar'] == NULL) {
 457                         $google_event = $this->google_sync->add_unavailable($provider, $unavailable);
 458                         $unavailable['id_google_calendar'] = $google_event->id;
 459                         $this->appointments_model->add_unavailable($unavailable);
 460                     } else {
 461                         $google_event = $this->google_sync->update_unavailable($provider, $unavailable);
 462                     }
 463                 }
 464             } catch(Exception $exc) {
 465                 $warnings[] = $exc;
 466             }
 467             
 468             if (isset($warnings)) {
 469                 echo json_encode(array(
 470                     'warnings' => $warnings
 471                 ));
 472             } else {
 473                 echo json_encode(AJAX_SUCCESS);
 474             }
 475             
 476         } catch(Exception $exc) { 
 477             echo json_encode(array(
 478                 'exceptions' => array(exceptionToJavaScript($exc))
 479             ));
 480         }
 481     }
 482     
 483     /**
 484      * [AJAX] Delete an unavailable time period from database.
 485      * 
 486      * @param numeric $_POST['unavailable_id'] Record id to be deleted.
 487      */
 488     public function ajax_delete_unavailable() {
 489         try {
 490             if ($this->privileges[PRIV_APPOINTMENTS]['delete'] == FALSE) {
 491                 throw new Exception('You do not have the required privileges for this task.');
 492             }
 493             
 494             $this->load->model('appointments_model');
 495             $this->load->model('providers_model');
 496             
 497             $unavailable = $this->appointments_model->get_row($_POST['unavailable_id']);
 498             $provider = $this->providers_model->get_row($unavailable['id_users_provider']);
 499             
 500             // Delete unavailable 
 501             $this->appointments_model->delete_unavailable($unavailable['id']);
 502             
 503             // Google Sync
 504             try {
 505                 $google_sync = $this->providers_model->get_setting('google_sync', $provider['id']);
 506                 if ($google_sync == TRUE) {
 507                     $google_token = json_decode($this->providers_model->get_setting('google_token', $provider['id']));
 508                     $this->load->library('google_sync');
 509                     $this->google_sync->refresh_token($google_token->refresh_token);
 510                     $this->google_sync->delete_unavailable($provider, $unavailable['id_google_calendar']);
 511                 }
 512             } catch(Exception $exc) {
 513                 $warnings[] = $exc;
 514             }
 515             
 516             if (isset($warnings)) {
 517                 echo json_encode(array(
 518                     'warnings' => $warnings
 519                 ));
 520             } else {
 521                 echo json_encode(AJAX_SUCCESS);
 522             }
 523             
 524         } catch(Exception $exc) {
 525             echo json_encode(array(
 526                 'exceptions' => array(exceptionToJavaScript($exc))
 527             ));
 528         }
 529     }
 530     
 531     /**
 532      * [AJAX] Save (insert or update) a customer record.
 533      * 
 534      * @param array $_POST['customer'] JSON encoded array that contains the customer's data.
 535      */
 536     public function ajax_save_customer() {
 537         try {
 538             $this->load->model('customers_model');
 539             $customer = json_decode($_POST['customer'], true);
 540             
 541             $REQUIRED_PRIV = (!isset($customer['id'])) 
 542                     ? $this->privileges[PRIV_CUSTOMERS]['add'] 
 543                     : $this->privileges[PRIV_CUSTOMERS]['edit'];
 544             if ($REQUIRED_PRIV == FALSE) {
 545                 throw new Exception('You do not have the required privileges for this task.');
 546             }
 547             
 548             $customer_id = $this->customers_model->add($customer);
 549             echo json_encode(array(
 550                 'status' => AJAX_SUCCESS,
 551                 'id' => $customer_id
 552             ));
 553         } catch(Exception $exc) {
 554             echo json_encode(array(
 555                 'exceptions' => array(exceptionToJavaScript($exc))
 556             ));
 557         }
 558     }
 559     
 560     /**
 561      * [AJAX] Delete customer from database.
 562      * 
 563      * @param numeric $_POST['customer_id'] Customer record id to be deleted.
 564      */
 565     public function ajax_delete_customer() {
 566         try {
 567             if ($this->privileges[PRIV_CUSTOMERS]['delete'] == FALSE) {
 568                 throw new Exception('You do not have the required privileges for this task.');
 569             }
 570             
 571             $this->load->model('customers_model');
 572             $this->customers_model->delete($_POST['customer_id']);
 573             echo json_encode(AJAX_SUCCESS);
 574         } catch(Exception $exc) {
 575             echo json_encode(array(
 576                 'exceptions' => array(exceptionToJavaScript($exc))
 577             ));
 578         }
 579     }
 580     
 581     /**
 582      * [AJAX] Save (insert or update) service record.
 583      * 
 584      * @param array $_POST['service'] Contains the service data (json encoded).
 585      */
 586     public function ajax_save_service() {
 587         try {
 588             $this->load->model('services_model');
 589             $service = json_decode($_POST['service'], true);
 590             
 591             $REQUIRED_PRIV = (!isset($service['id'])) 
 592                     ? $this->privileges[PRIV_SERVICES]['add'] 
 593                     : $this->privileges[PRIV_SERVICES]['edit'];
 594             if ($REQUIRED_PRIV == FALSE) {
 595                 throw new Exception('You do not have the required privileges for this task.');
 596             }
 597             
 598             $service_id =$this->services_model->add($service);
 599             echo json_encode(array(
 600                 'status' => AJAX_SUCCESS,
 601                 'id' => $service_id
 602             ));
 603         } catch(Exception $exc) {
 604             echo json_encode(array(
 605                 'exceptions' => array(exceptionToJavaScript($exc))
 606             ));
 607         }
 608     }
 609     
 610     /**
 611      * [AJAX] Delete service record from database.
 612      * 
 613      * @param numeric $_POST['service_id'] Record id to be deleted.
 614      */
 615     public function ajax_delete_service() {
 616         try {
 617             if ($this->privileges[PRIV_SERVICES]['delete'] == FALSE) {
 618                 throw new Exception('You do not have the required privileges for this task.');
 619             }
 620             
 621             $this->load->model('services_model');
 622             $result = $this->services_model->delete($_POST['service_id']);
 623             echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
 624         } catch(Exception $exc) {
 625             echo json_encode(array(
 626                 'exceptions' => array(exceptionToJavaScript($exc))
 627             ));
 628         }
 629     }
 630     
 631     /**
 632      * [AJAX] Filter service records by given key string.
 633      * 
 634      * @param string $_POST['key'] Key string used to filter the records.
 635      * @return array Returns a json encoded array back to client.
 636      */
 637     public function ajax_filter_services() {
 638         try {
 639             if ($this->privileges[PRIV_SERVICES]['view'] == FALSE) {
 640                 throw new Exception('You do not have the required privileges for this task.');
 641             }
 642             
 643             $this->load->model('services_model');
 644             $key = $this->db->escape_str($_POST['key']);  
 645             $where = 
 646                     '(name LIKE "%' . $key . '%" OR duration LIKE "%' . $key . '%" OR ' . 
 647                     'price LIKE "%' . $key . '%" OR currency LIKE "%' . $key . '%" OR ' .
 648                     'description LIKE "%' . $key . '%")';
 649             $services = $this->services_model->get_batch($where);
 650             echo json_encode($services);
 651         } catch(Exception $exc) {
 652             echo json_encode(array(
 653                 'exceptions' => array(exceptionToJavaScript($exc))
 654             ));
 655         }
 656     }
 657     
 658     /**
 659      * [AJAX] Save (insert or update) category record.
 660      * 
 661      * @param array $_POST['category'] Json encoded array with the category data. If an id
 662      * value is provided then the category is going to be udpated instead of inserted.
 663      */
 664     public function ajax_save_service_category() {
 665         try {
 666             $this->load->model('services_model');
 667             $category = json_decode($_POST['category'], true);
 668             
 669             $REQUIRED_PRIV = (!isset($category['id'])) 
 670                     ? $this->privileges[PRIV_SERVICES]['add'] 
 671                     : $this->privileges[PRIV_SERVICES]['edit'];
 672             if ($REQUIRED_PRIV == FALSE) {
 673                 throw new Exception('You do not have the required privileges for this task.');
 674             }
 675             
 676             $category_id = $this->services_model->add_category($category);
 677             echo json_encode(array(
 678                 'status' => AJAX_SUCCESS,
 679                 'id' => $category_id
 680             ));
 681         } catch(Exception $exc) {
 682             echo json_encode(array(
 683                 'exceptions' => array(exceptionToJavaScript($exc))
 684             ));
 685         }
 686     }
 687     
 688     /**
 689      * [AJAX] Delete category record from database.
 690      * 
 691      * @param numeric $_POST['category_id'] Record id to be deleted.
 692      */
 693     public function ajax_delete_service_category() {
 694         try {
 695             if ($this->privileges[PRIV_SERVICES]['delete'] == FALSE) {
 696                 throw new Exception('You do not have the required privileges for this task.');
 697             }
 698             
 699             $this->load->model('services_model');
 700             $result = $this->services_model->delete_category($_POST['category_id']);
 701             echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
 702         } catch(Exception $exc) {
 703             echo json_encode(array(
 704                 'exceptions' => array(exceptionToJavaScript($exc))
 705             ));
 706         }
 707     }
 708     
 709     /**
 710      * [AJAX] Filter services categories with key string.
 711      * 
 712      * @param string $_POST['key'] The key string used to filter the records.
 713      * @return array Returns a json encoded array back to client with the category records.
 714      */
 715     public function ajax_filter_service_categories() {
 716         try {
 717             if ($this->privileges[PRIV_SERVICES]['view'] == FALSE) {
 718                 throw new Exception('You do not have the required privileges for this task.');
 719             }
 720             
 721             $this->load->model('services_model');
 722             $key = $this->db->escape_str($_POST['key']);  
 723             $where = '(name LIKE "%' . $key . '%" OR description LIKE "%' . $key . '%")';
 724             $categories = $this->services_model->get_all_categories($where);
 725             echo json_encode($categories);
 726         } catch(Exception $exc) {
 727             echo json_encode(array(
 728                 'exceptions' => array(exceptionToJavaScript($exc))
 729             ));
 730         }
 731     }
 732     
 733     /**
 734      * [AJAX] Filter admin records with string key.
 735      * 
 736      * @param string $_POST['key'] The key string used to filter the records.
 737      * @return array Returns a json encoded array back to client with the admin records.
 738      */
 739     public function ajax_filter_admins() {
 740         try {
 741             if ($this->privileges[PRIV_USERS]['view'] == FALSE) {
 742                 throw new Exception('You do not have the required privileges for this task.');
 743             }
 744             
 745             $this->load->model('admins_model');
 746             $key = $this->db->escape_str($_POST['key']); 
 747             $where = 
 748                 '(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' . 
 749                 'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' . 
 750                 'OR phone_number LIKE "%' . $key . '%" OR address LIKE "%' . $key . '%" ' .
 751                 'OR city LIKE "%' . $key . '%" OR state LIKE "%' . $key . '%" ' .
 752                 'OR zip_code LIKE "%' . $key . '%" OR notes LIKE "%' . $key . '%")';
 753             $admins = $this->admins_model->get_batch($where);
 754             echo json_encode($admins);
 755         } catch(Exception $exc) {
 756             echo json_encode(array(
 757                 'exceptions' => array(exceptionToJavaScript($exc))
 758             ));
 759         }
 760     }
 761     
 762     /**
 763      * [AJAX] Save (insert or update) admin record into database.
 764      * 
 765      * @param array $_POST['admin'] A json encoded array that contains the admin data. If an 'id'
 766      * value is provided then the record is going to be updated.
 767      * @return array Returns an array with the operation status and the record id that was 
 768      * saved into the database.
 769      */
 770     public function ajax_save_admin() {
 771         try {
 772             $this->load->model('admins_model');
 773             $admin = json_decode($_POST['admin'], true);
 774             
 775             $REQUIRED_PRIV = (!isset($admin['id'])) 
 776                     ? $this->privileges[PRIV_USERS]['add'] 
 777                     : $this->privileges[PRIV_USERS]['edit'];
 778             if ($REQUIRED_PRIV == FALSE) {
 779                 throw new Exception('You do not have the required privileges for this task.');
 780             }
 781             
 782             $admin_id = $this->admins_model->add($admin);
 783             
 784             $response = array(
 785                 'status' => AJAX_SUCCESS,
 786                 'id' => $admin_id 
 787             );
 788             
 789             echo json_encode($response);
 790         } catch(Exception $exc) {
 791             echo json_encode(array(
 792                 'exceptions' => array(exceptionToJavaScript($exc))
 793             ));
 794         }
 795     }
 796     
 797     /**
 798      * [AJAX] Delete an admin record from the database.
 799      * 
 800      * @param numeric $_POST['admin_id'] The id of the record to be deleted.
 801      * @return string Returns the operation result constant (AJAX_SUCESS or AJAX_FAILURE).
 802      */
 803     public function ajax_delete_admin() {
 804         try {
 805             if ($this->privileges[PRIV_USERS]['delete'] == FALSE) {
 806                 throw new Exception('You do not have the required privileges for this task.');
 807             }
 808             
 809             $this->load->model('admins_model');
 810             $result = $this->admins_model->delete($_POST['admin_id']);
 811             echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
 812         } catch(Exception $exc) {
 813             echo json_encode(array(
 814                 'exceptions' => array(exceptionToJavaScript($exc))
 815             ));
 816         }
 817     }
 818     
 819     /**
 820      * [AJAX] Filter provider records with string key.
 821      * 
 822      * @param string $_POST['key'] The key string used to filter the records.
 823      * @return array Returns a json encoded array back to client with the provider records.
 824      */
 825     public function ajax_filter_providers() {
 826         try {
 827             if ($this->privileges[PRIV_USERS]['view'] == FALSE) {
 828                 throw new Exception('You do not have the required privileges for this task.');
 829             }
 830             
 831             $this->load->model('providers_model');
 832             $key = $this->db->escape_str($_POST['key']); 
 833             $where = 
 834                 '(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' . 
 835                 'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' . 
 836                 'OR phone_number LIKE "%' . $key . '%" OR address LIKE "%' . $key . '%" ' .
 837                 'OR city LIKE "%' . $key . '%" OR state LIKE "%' . $key . '%" ' .
 838                 'OR zip_code LIKE "%' . $key . '%" OR notes LIKE "%' . $key . '%")';
 839             $providers = $this->providers_model->get_batch($where);
 840             echo json_encode($providers);
 841         } catch(Exception $exc) {
 842             echo json_encode(array(
 843                 'exceptions' => array(exceptionToJavaScript($exc))
 844             ));
 845         }
 846     }
 847     
 848     /**
 849      * [AJAX] Save (insert or update) a provider record into database.
 850      * 
 851      * @param array $_POST['provider'] A json encoded array that contains the provider data. If an 'id'
 852      * value is provided then the record is going to be updated.
 853      * @return string Returns the success contant 'AJAX_SUCCESS' so javascript knows that  
 854      * everything completed successfully.
 855      */
 856     public function ajax_save_provider() {
 857         try {
 858             $this->load->model('providers_model');
 859             $provider = json_decode($_POST['provider'], true);
 860             
 861             $REQUIRED_PRIV = (!isset($provider['id'])) 
 862                     ? $this->privileges[PRIV_USERS]['add'] 
 863                     : $this->privileges[PRIV_USERS]['edit'];
 864             if ($REQUIRED_PRIV == FALSE) {
 865                 throw new Exception('You do not have the required privileges for this task.');
 866             }
 867             
 868             if (!isset($provider['settings']['working_plan'])) {
 869                 $this->load->model('settings_model');
 870                 $provider['settings']['working_plan'] = $this->settings_model
 871                         ->get_setting('company_working_plan');
 872             }
 873             
 874             $provider_id = $this->providers_model->add($provider);
 875             
 876             echo json_encode(array(
 877                 'status' => AJAX_SUCCESS,
 878                 'id' => $provider_id
 879             ));
 880             
 881         } catch(Exception $exc) {
 882             echo json_encode(array(
 883                 'exceptions' => array(exceptionToJavaScript($exc))
 884             ));
 885         }
 886     }
 887     
 888     /**
 889      * [AJAX] Delete a provider record from the database.
 890      * 
 891      * @param numeric $_POST['provider_id'] The id of the record to be deleted.
 892      * @return string Returns the operation result constant (AJAX_SUCESS or AJAX_FAILURE).
 893      */
 894     public function ajax_delete_provider() {
 895         try {
 896             if ($this->privileges[PRIV_USERS]['delete'] == FALSE) {
 897                 throw new Exception('You do not have the required privileges for this task.');
 898             }
 899             
 900             $this->load->model('providers_model');
 901             $result = $this->providers_model->delete($_POST['provider_id']);
 902             echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
 903         } catch(Exception $exc) {
 904             echo json_encode(array(
 905                 'exceptions' => array(exceptionToJavaScript($exc))
 906             ));
 907         }
 908     }
 909     
 910     /**
 911      * [AJAX] Filter secretary records with string key.
 912      * 
 913      * @param string $_POST['key'] The key string used to filter the records.
 914      * @return array Returns a json encoded array back to client with the secretary records.
 915      */
 916     public function ajax_filter_secretaries() {
 917         try {
 918             if ($this->privileges[PRIV_USERS]['view'] == FALSE) {
 919                 throw new Exception('You do not have the required privileges for this task.');
 920             }
 921             
 922             $this->load->model('secretaries_model');
 923             $key = $this->db->escape_str($_POST['key']); 
 924             $where = 
 925                 '(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' . 
 926                 'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' . 
 927                 'OR phone_number LIKE "%' . $key . '%" OR address LIKE "%' . $key . '%" ' .
 928                 'OR city LIKE "%' . $key . '%" OR state LIKE "%' . $key . '%" ' .
 929                 'OR zip_code LIKE "%' . $key . '%" OR notes LIKE "%' . $key . '%")';
 930             $secretaries = $this->secretaries_model->get_batch($where);
 931             echo json_encode($secretaries);
 932         } catch(Exception $exc) {
 933             echo json_encode(array(
 934                 'exceptions' => array(exceptionToJavaScript($exc))
 935             ));
 936         }
 937     }
 938     
 939     /**
 940      * [AJAX] Save (insert or update) a secretary record into database.
 941      * 
 942      * @param array $_POST['secretary'] A json encoded array that contains the secretary data. 
 943      * If an 'id' value is provided then the record is going to be updated.
 944      * @return string Returns the success contant 'AJAX_SUCCESS' so javascript knows that  
 945      * everything completed successfully.
 946      */
 947     public function ajax_save_secretary() {
 948         try {
 949             $this->load->model('secretaries_model');
 950             $secretary = json_decode($_POST['secretary'], true);
 951             
 952             $REQUIRED_PRIV = (!isset($secretary['id'])) 
 953                     ? $this->privileges[PRIV_USERS]['add']
 954                     : $this->privileges[PRIV_USERS]['edit'];
 955             if ($REQUIRED_PRIV == FALSE) {
 956                 throw new Exception('You do not have the required privileges for this task.');
 957             }
 958             
 959             $secretary_id = $this->secretaries_model->add($secretary);
 960             
 961             echo json_encode(array(
 962                 'status' => AJAX_SUCCESS,
 963                 'id' => $secretary_id
 964             ));
 965         } catch(Exception $exc) {
 966             echo json_encode(array(
 967                 'exceptions' => array(exceptionToJavaScript($exc))
 968             ));
 969         }
 970     }
 971     
 972     /**
 973      * [AJAX] Delete a secretary record from the database.
 974      * 
 975      * @param numeric $_POST['secretary_id'] The id of the record to be deleted.
 976      * @return string Returns the operation result constant (AJAX_SUCESS or AJAX_FAILURE).
 977      */
 978     public function ajax_delete_secretary() {
 979         try {
 980             if ($this->privileges[PRIV_USERS]['delete'] == FALSE) {
 981                 throw new Exception('You do not have the required privileges for this task.');
 982             }
 983             
 984             $this->load->model('secretaries_model');
 985             $result = $this->secretaries_model->delete($_POST['secretary_id']);
 986             echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
 987         } catch(Exception $exc) {
 988             echo json_encode(array(
 989                 'exceptions' => array(exceptionToJavaScript($exc))
 990             ));
 991         }
 992     }
 993     
 994     /**
 995      * [AJAX] Save a setting or multiple settings in the database.
 996      * 
 997      * This method is used to store settings in the database. It can be either system 
 998      * or user settings, one or many. Use the $_POST variables accordingly.
 999      * 
1000      * @param array $_POST['settings'] Contains an array with settings.
1001      * @param bool $_POST['type'] Determines the settings type, can be either SETTINGS_SYSTEM
1002      * or SETTINGS_USER.
1003      */
1004     public function ajax_save_settings() {
1005         try {
1006             if ($_POST['type'] == SETTINGS_SYSTEM) {
1007                 if ($this->privileges[PRIV_SYSTEM_SETTINGS]['edit'] == FALSE) {
1008                     throw new Exception('You do not have the required privileges for this task.');
1009                 }
1010                 $this->load->model('settings_model');
1011                 $settings = json_decode($_POST['settings'], true);
1012                 $this->settings_model->save_settings($settings);
1013             } else if ($_POST['type'] == SETTINGS_USER) {
1014                 if ($this->privileges[PRIV_USER_SETTINGS]['edit'] == FALSE) {
1015                     throw new Exception('You do not have the required privileges for this task.');
1016                 }
1017                 $this->load->model('user_model');
1018                 $this->user_model->save_settings(json_decode($_POST['settings'], true));
1019             }
1020             
1021             echo json_encode(AJAX_SUCCESS);
1022         } catch(Exception $exc) {
1023             echo json_encode(array(
1024                 'exceptions' => array(exceptionToJavaScript($exc))
1025             ));
1026         }
1027     }
1028     
1029     /**
1030      * [AJAX] This method checks whether the username already exists in the database. 
1031      * 
1032      * @param string $_POST['username'] Record's username to validate.
1033      * @param bool $_POST['record_exists'] Whether the record already exists in database.
1034      */
1035     public function ajax_validate_username() {
1036         try {            
1037             // We will only use the function in the admins_model because it is sufficient 
1038             // for the rest user types for now (providers, secretaries).
1039             $this->load->model('admins_model');
1040             $is_valid = $this->admins_model->validate_username($_POST['username'], $_POST['user_id']);
1041             echo json_encode($is_valid);
1042         } catch(Exception $exc) {
1043             echo json_encode(array(
1044                 'exceptions' => array(exceptionToJavaScript($exc))
1045             ));
1046         }
1047     }
1048     
1049     /**
1050      * [AJAX] Change system language for current user.
1051      * 
1052      * The language setting is stored in session data and retrieved every time the user
1053      * visits any of the system pages.
1054      * 
1055      * @param string $_POST['language'] Selected language name.
1056      */
1057     public function ajax_change_language() {
1058         try {
1059             // Check if language exists in the available languages.
1060             $found = false;
1061             foreach($this->config->item('available_languages') as $lang) {
1062                 if ($lang == $_POST['language']) {
1063                     $found = true;
1064                     break;
1065                 }   
1066             }
1067 
1068             if (!$found)
1069                 throw new Exception('Translations for the given language does not exist (' . $_POST['language'] . ').');
1070 
1071             $this->session->set_userdata('language', $_POST['language']);
1072             $this->config->set_item('language', $_POST['language']);
1073 
1074             echo json_encode(AJAX_SUCCESS);
1075             
1076         } catch(Exception $exc) {
1077             echo json_encode(array(
1078                 'exceptions' => array(exceptionToJavaScript($exc))
1079             )); 
1080         }
1081     }
1082     
1083     /**
1084      * This method will return a list of the available google calendars. 
1085      * 
1086      * The user will need to select a specific calendar from this list to sync his 
1087      * appointments with. Google access must be already granted for the specific 
1088      * provider.
1089      * 
1090      * @param string $_POST['provider_id'] Provider record id.
1091      */
1092     public function ajax_get_google_calendars() {
1093         try {
1094             $this->load->library('google_sync');
1095             $this->load->model('providers_model');
1096 
1097             if (!isset($_POST['provider_id']))
1098                 throw new Exception('Provider id is required in order to fetch the google calendars.');
1099 
1100             // Check if selected provider has sync enabled. 
1101             $google_sync = $this->providers_model->get_setting('google_sync', $_POST['provider_id']);
1102             if ($google_sync) {
1103                 $google_token = json_decode($this->providers_model->get_setting('google_token', $_POST['provider_id']));
1104                 $this->google_sync->refresh_token($google_token->refresh_token);
1105                 $calendars = $this->google_sync->get_google_calendars();
1106                 echo json_encode($calendars);
1107             } else {
1108                 echo json_encode(AJAX_FAILURE);
1109             }
1110         } catch(Exception $exc) {
1111             echo json_encode(array(
1112                 'exceptions' => array(exceptionToJavaScript($exc))
1113             ));
1114         }
1115     }
1116     
1117     /**
1118      * Select a specific google calendar for a provider. 
1119      * 
1120      * All the appointments will be synced with this particular calendar.
1121      * 
1122      * @param numeric $_POST['provider_id'] Provider record id.
1123      * @param string $_POST['calendar_id'] Google calendar's id.
1124      */
1125     public function ajax_select_google_calendar() {
1126         try {
1127             if ($this->privileges[PRIV_USERS]['edit'] == FALSE
1128                     && $this->session->userdata('user_id') != $_POST['provider_id']) {
1129                 throw new Exception('You do not have the required privileges for this task.');
1130             }
1131             
1132             $this->load->model('providers_model');
1133             $result = $this->providers_model->set_setting('google_calendar', $_POST['calendar_id'], $_POST['provider_id']);
1134             echo json_encode(($result) ? AJAX_SUCCESS : AJAX_FAILURE);
1135             
1136         } catch (Exception $exc) {
1137             echo json_encode(array(
1138                 'exceptions' => array(exceptionToJavaScript($exc))
1139             ));
1140         }
1141     }
1142 }
1143 
1144 /* End of file backend_api.php */
1145 /* Location: ./application/controllers/backend_api.php */

API documentation generated by ApiGen