From 33fe9602692b791462bbeb3c6ef906ec924d26c3 Mon Sep 17 00:00:00 2001
From: "sas.fajri"
Date: Mon, 8 Jun 2026 13:15:25 +0700
Subject: [PATCH] FHM08062601IBL - fix cashier print proxy url handling
---
 .../fo/cashiernewpayment-v27/Payment.php | 61 +++++++++++++++--
 application/controllers/tools/Birt_proxy.php | 68 ++++++++++++++++---
 2 files changed, 116 insertions(+), 13 deletions(-)
diff --git a/application/controllers/mockup/fo/cashiernewpayment-v27/Payment.php b/application/controllers/mockup/fo/cashiernewpayment-v27/Payment.php
index 6aeddeab..5b4dde04 100644
--- a/application/controllers/mockup/fo/cashiernewpayment-v27/Payment.php
+++ b/application/controllers/mockup/fo/cashiernewpayment-v27/Payment.php
@@ -860,7 +860,7 @@ class Payment extends MY_Controller
 exit;
 }
- $pdf = @file_get_contents('http://localhost:8080' . $url, false, stream_context_create(array(
+ $pdf = @file_get_contents($this->resolve_fetch_url($url), false, stream_context_create(array(
 'http' => array(
 'timeout' => 120,
 'method' => 'GET',
@@ -1022,12 +1022,13 @@ class Payment extends MY_Controller
 $username = $this->resolve_report_username();
 $ts = round(microtime(true) * 1000);
 $resolvedPaymentId = $paymentId > 0 ? $paymentId : $this->resolve_payment_id_by_order($orderId);
+ $isInternalAppUrl = $this->is_internal_app_url($printTransaction['Print_TransactionUrl']);
 $replacements = array(
- 'PUsername' => $this->format_birt_string_param($username),
+ 'PUsername' => $this->format_report_string_param($username, $isInternalAppUrl),
 'PT_OrderHeaderID' => $orderId,
 'PPaymentID' => $resolvedPaymentId,
- 'PAn' => $this->format_birt_string_param($patientName),
+ 'PAn' => $this->format_report_string_param($patientName, $isInternalAppUrl),
 'TS' => $ts,
 );
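Review bot: In the `@@ -860` hunk the fetch is no longer pinned to `http://localhost:8080`: `resolve_fetch_url()` (added in the `@@ -1042` hunk, and mirrored by `_resolve_fetch_url()` in Birt_proxy.php) returns any string matching `#^https?://#i` unchanged, so the server requests whatever absolute URL reaches this call and stores the body in `$pdf`, presumably to be returned to the client. Where `$url` comes from is outside the hunk; if it or the `Print_TransactionUrl` template can be influenced by a request or by a low-privilege settings screen, this becomes a server-side request forgery path to internal services. I would drop the pass-through branch, or compare `parse_url($url, PHP_URL_HOST)` against a short configured list of report hosts and return `''` otherwise. The enclosing method starts and ends outside the hunk.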
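Review bot: In the `@@ -1022` hunk `$isInternalAppUrl` comes from `is_internal_app_url()`, which only recognises the relative prefixes `/one-api-lab/`, `/tools/` and `/index.php/`, while `resolve_fetch_url()` also accepts absolute URLs. A template stored as an absolute URL to the application itself would therefore be fetched as-is but still get the BIRT-style quoting on `PUsername` and `PAn`. Either classify on the path part of the template, or record the rule above the assignment, for example `// absolute templates are treated as BIRT targets: string params are wrapped in single quotes`. The same mismatch exists between `_is_internal_app_url()` and `_resolve_fetch_url()` in Birt_proxy.php.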
@@ -1042,8 +1043,58 @@ class Payment extends MY_Controller
 return $url;
 }
- private function format_birt_string_param($value)
+ private function resolve_fetch_url($url)
 {
- return rawurlencode("'" . (string)$value . "'");
+ $url = trim((string) $url);
+
+ if ($url === '') {
+ return '';
+ }
+
+ if (preg_match('#^https?://#i', $url)) {
+ return $url;
+ }
+
+ if (strpos($url, '/birt/') === 0) {
+ return 'http://localhost:8080' . $url;
+ }
+
+ if (strpos($url, '/one-api-lab/') === 0) {
+ $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
+ $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
+
+ return $scheme . '://' . $host . $url;
+ }
+
+ if (strpos($url, '/tools/') === 0 || strpos($url, '/index.php/') === 0) {
+ $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
+ $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
+
+ return $scheme . '://' . $host . '/one-api-lab' . $url;
+ }
+
+ return 'http://localhost:8080' . $url;
+ }
+
+ private function is_internal_app_url($url)
+ {
+ $url = (string) $url;
+
+ return (
+ strpos($url, '/one-api-lab/') === 0 ||
+ strpos($url, '/tools/') === 0 ||
+ strpos($url, '/index.php/') === 0
+ );
+ }
+
+ private function format_report_string_param($value, $isInternalAppUrl = false)
+ {
+ $value = (string) $value;
+
+ if ($isInternalAppUrl) {
+ return rawurlencode($value);
+ }
+
+ return rawurlencode("'" . $value . "'");
 }
 }
diff --git a/application/controllers/tools/Birt_proxy.php b/application/controllers/tools/Birt_proxy.php
index be218166..7461faea 100644
--- a/application/controllers/tools/Birt_proxy.php
+++ b/application/controllers/tools/Birt_proxy.php
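Review bot: The `/one-api-lab/`, `/tools/` and `/index.php/` branches of `resolve_fetch_url()` build the fetch target from `$_SERVER['HTTP_HOST']`, which is the Host header sent by the client, so whoever calls the print endpoint also picks the host this server connects to. Read the origin from configuration instead, for example `$origin = rtrim((string) $this->config->item('internal_app_origin'), '/');` (placeholder key, assuming the CodeIgniter config loader) and return `$origin . $url`. The final fallback still concatenates `'http://localhost:8080' . $url` without requiring a leading `/`, so a template that does not start with a slash can alter the authority part; a guard such as `if ($url[0] !== '/') { return ''; }` after the absolute-URL check closes that. `_resolve_fetch_url()` in Birt_proxy.php has the same two issues.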
@@ -76,13 +76,14 @@ class Birt_proxy extends MY_Controller $tm = round(microtime(true) * 1000); $url = $row['Print_TransactionUrl']; + $is_internal_app_url = $this->_is_internal_app_url($url); $url = str_replace('PT_OrderHeaderID', $order_id, $url); $url = str_replace('PPaymentID', $payment_id, $url); - $url = str_replace('PAn', $this->_format_birt_string_param($patient_name), $url); - $url = str_replace('PUsername', $this->_format_birt_string_param($username), $url); + $url = str_replace('PAn', $this->_format_report_string_param($patient_name, $is_internal_app_url), $url); + $url = str_replace('PUsername', $this->_format_report_string_param($username, $is_internal_app_url), $url); $url = str_replace('TS', $tm, $url); - $full_url = $this->birt_base . $url; + $full_url = $this->_resolve_fetch_url($url); $context = stream_context_create([ 'http' => [ 'timeout' => 120, @@ -137,8 +138,9 @@ class Birt_proxy extends MY_Controller } $url = $row['Print_TransactionUrl']; + $is_internal_app_url = $this->_is_internal_app_url($url); $url = str_replace('PT_OrderHeaderID', $order_id, $url); - $url = str_replace('PUsername', urlencode($username), $url); + $url = str_replace('PUsername', $this->_format_report_string_param($username, $is_internal_app_url), $url); $url = str_replace('TS', $tm, $url); // 2. Decrypt patient PII dan populate cache @@ -147,8 +149,8 @@ class Birt_proxy extends MY_Controller $cache_id = $this->_populate_cache($order_id); } - // 3. Build full BIRT URL dan fetch PDF - $full_url = $this->birt_base . $url; + // 3. Build full URL sesuai target endpoint dan fetch PDF + $full_url = $this->_resolve_fetch_url($url); $context = stream_context_create([ 'http' => [ 
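Review bot: In the `@@ -76` hunk the placeholders are filled by chained `str_replace()` calls, so text inserted by one call is rescanned by the next. `rawurlencode()` leaves letters untouched, so a patient name or username containing `TS` (WATTS, a constructed sample) has that substring overwritten with the timestamp by the later `str_replace('TS', $tm, $url)`, and a name containing `PUsername` is rewritten the same way. A single-pass `strtr()` over one map only substitutes placeholders that are in the template; the `@@ -137` hunk has the same chain for `PUsername` and `TS`. The enclosing method starts and ends outside the hunk.

```php
$url = $row['Print_TransactionUrl'];
$is_internal_app_url = $this->_is_internal_app_url($url);
// Single pass: substituted values are never rescanned for placeholders.
$url = strtr($url, [
    'PT_OrderHeaderID' => (string) $order_id,
    'PPaymentID'       => (string) $payment_id,
    'PAn'              => $this->_format_report_string_param($patient_name, $is_internal_app_url),
    'PUsername'        => $this->_format_report_string_param($username, $is_internal_app_url),
    'TS'               => (string) $tm,
]);
// … unchanged: $full_url = $this->_resolve_fetch_url($url) and the stream context …
```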
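Review bot: In the `@@ -137` hunk `PUsername` changes from `urlencode($username)` to `_format_report_string_param()`, which for every template that is not an internal app URL now sends the value wrapped in single quotes before encoding. That changes what existing `/birt/` templates receive on this path, and the commit message does not mention it. If it is intended, a comment on the line such as `// BIRT targets expect quoted string params, same as the payment print path` would record it; otherwise keep `urlencode($username)` for the non-internal case.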
@@ -284,6 +286,39 @@ class Birt_proxy extends MY_Controller
 );
 }
+ private function _resolve_fetch_url($url)
+ {
+ $url = trim((string) $url);
+
+ if ($url === '') {
+ return '';
+ }
+
+ if (preg_match('#^https?://#i', $url)) {
+ return $url;
+ }
+
+ if (strpos($url, '/birt/') === 0) {
+ return $this->birt_base . $url;
+ }
+
+ if (strpos($url, '/one-api-lab/') === 0) {
+ $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
+ $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
+
+ return $scheme . '://' . $host . $url;
+ }
+
+ if (strpos($url, '/tools/') === 0 || strpos($url, '/index.php/') === 0) {
+ $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
+ $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
+
+ return $scheme . '://' . $host . '/one-api-lab' . $url;
+ }
+
+ return $this->birt_base . $url;
+ }
+
 private function _resolve_order_id_by_payment($payment_id)
 {
 $row = $this->db_onedev->query(
@@ -328,8 +363,25 @@ class Birt_proxy extends MY_Controller
 return trim($row['ppc_name'] ?? '');
 }
- private function _format_birt_string_param($value)
+ private function _is_internal_app_url($url)
 {
- return rawurlencode("'" . (string)$value . "'");
+ $url = (string) $url;
+
+ return (
+ strpos($url, '/one-api-lab/') === 0 ||
+ strpos($url, '/tools/') === 0 ||
+ strpos($url, '/index.php/') === 0
+ );
+ }
+
+ private function _format_report_string_param($value, $is_internal_app_url = false)
+ {
+ $value = (string) $value;
+
+ if ($is_internal_app_url) {
+ return rawurlencode($value);
+ }
+
+ return rawurlencode("'" . $value . "'");
 }
 }
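Review bot: `_resolve_fetch_url()` in the `@@ -284` hunk is a near copy of `Payment::resolve_fetch_url()`, differing only in `$this->birt_base` versus the literal `'http://localhost:8080'`, and it repeats the scheme/host lines in two of its branches. Both controllers extend `MY_Controller`, so a single protected helper there would keep the rules that decide where the server connects in one place to review and test. Inside the function, computing the origin once and returning `$origin . $url` or `$origin . '/one-api-lab' . $url` removes the repeated pair of lines.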
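Review bot: `_format_report_string_param()` in the `@@ -328` hunk has no comment explaining why the same value is encoded two ways depending on a boolean. A docblock should state that internal app URLs receive the value percent-encoded as-is, while other (BIRT) targets receive it wrapped in single quotes before encoding. It should also note that a quote inside the value becomes `%27` but is not escaped for the quoted literal. Whether the report engine treats such an embedded quote as the end of the string is not visible here and is worth confirming with a name like O'Brien (constructed sample).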