fajri/BE_IBL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FHM08062601IBL - fix cashier print proxy url handling

Browse Source
This commit is contained in:
sas.fajri
2026-06-08 13:15:25 +07:00
parent 23c5c7c67c
commit 33fe960269
2 changed files with 116 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
application/controllers/mockup/fo/cashiernewpayment-v27/Payment.php
View File

@@ -860,7 +860,7 @@ class Payment extends MY_Controller
exit; exit;
} }
$pdf = @file_get_contents('http://localhost:8080' . $url, false, stream_context_create(array( $pdf = @file_get_contents($this->resolve_fetch_url($url), false, stream_context_create(array(
'http' => array( 'http' => array(
'timeout' => 120, 'timeout' => 120,
'method' => 'GET', 'method' => 'GET',
@@ -1022,12 +1022,13 @@ class Payment extends MY_Controller
$username = $this->resolve_report_username(); $username = $this->resolve_report_username();
$ts = round(microtime(true) * 1000); $ts = round(microtime(true) * 1000);
$resolvedPaymentId = $paymentId > 0 ? $paymentId : $this->resolve_payment_id_by_order($orderId); $resolvedPaymentId = $paymentId > 0 ? $paymentId : $this->resolve_payment_id_by_order($orderId);
$isInternalAppUrl = $this->is_internal_app_url($printTransaction['Print_TransactionUrl']);
$replacements = array( $replacements = array(
'PUsername' => $this->format_birt_string_param($username), 'PUsername' => $this->format_report_string_param($username, $isInternalAppUrl),
'PT_OrderHeaderID' => $orderId, 'PT_OrderHeaderID' => $orderId,
'PPaymentID' => $resolvedPaymentId, 'PPaymentID' => $resolvedPaymentId,
'PAn' => $this->format_birt_string_param($patientName), 'PAn' => $this->format_report_string_param($patientName, $isInternalAppUrl),
'TS' => $ts, 'TS' => $ts,
); );
@@ -1042,8 +1043,58 @@ class Payment extends MY_Controller
return $url; return $url;
} }
private function format_birt_string_param($value) private function resolve_fetch_url($url)
{ {
return rawurlencode("'" . (string)$value . "'"); $url = trim((string) $url);
if ($url === '') {
return '';
}
if (preg_match('#^https?://#i', $url)) {
return $url;
}
if (strpos($url, '/birt/') === 0) {
return 'http://localhost:8080' . $url;
}
if (strpos($url, '/one-api-lab/') === 0) {
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
return $scheme . '://' . $host . $url;
}
if (strpos($url, '/tools/') === 0 || strpos($url, '/index.php/') === 0) {
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
return $scheme . '://' . $host . '/one-api-lab' . $url;
}
return 'http://localhost:8080' . $url;
}
private function is_internal_app_url($url)
{
$url = (string) $url;
return (
strpos($url, '/one-api-lab/') === 0 ||
strpos($url, '/tools/') === 0 ||
strpos($url, '/index.php/') === 0
);
}
private function format_report_string_param($value, $isInternalAppUrl = false)
{
$value = (string) $value;
if ($isInternalAppUrl) {
return rawurlencode($value);
}
return rawurlencode("'" . $value . "'");
} }
} }

68
application/controllers/tools/Birt_proxy.php
View File

@@ -76,13 +76,14 @@ class Birt_proxy extends MY_Controller
$tm = round(microtime(true) * 1000); $tm = round(microtime(true) * 1000);
$url = $row['Print_TransactionUrl']; $url = $row['Print_TransactionUrl'];
$is_internal_app_url = $this->_is_internal_app_url($url);
$url = str_replace('PT_OrderHeaderID', $order_id, $url); $url = str_replace('PT_OrderHeaderID', $order_id, $url);
$url = str_replace('PPaymentID', $payment_id, $url); $url = str_replace('PPaymentID', $payment_id, $url);
$url = str_replace('PAn', $this->_format_birt_string_param($patient_name), $url); $url = str_replace('PAn', $this->_format_report_string_param($patient_name, $is_internal_app_url), $url);
$url = str_replace('PUsername', $this->_format_birt_string_param($username), $url); $url = str_replace('PUsername', $this->_format_report_string_param($username, $is_internal_app_url), $url);
$url = str_replace('TS', $tm, $url); $url = str_replace('TS', $tm, $url);
$full_url = $this->birt_base . $url; $full_url = $this->_resolve_fetch_url($url);
$context = stream_context_create([ $context = stream_context_create([
'http' => [ 'http' => [
'timeout' => 120, 'timeout' => 120,
@@ -137,8 +138,9 @@ class Birt_proxy extends MY_Controller
} }
$url = $row['Print_TransactionUrl']; $url = $row['Print_TransactionUrl'];
$is_internal_app_url = $this->_is_internal_app_url($url);
$url = str_replace('PT_OrderHeaderID', $order_id, $url); $url = str_replace('PT_OrderHeaderID', $order_id, $url);
$url = str_replace('PUsername', urlencode($username), $url); $url = str_replace('PUsername', $this->_format_report_string_param($username, $is_internal_app_url), $url);
$url = str_replace('TS', $tm, $url); $url = str_replace('TS', $tm, $url);
// 2. Decrypt patient PII dan populate cache // 2. Decrypt patient PII dan populate cache
@@ -147,8 +149,8 @@ class Birt_proxy extends MY_Controller
$cache_id = $this->_populate_cache($order_id); $cache_id = $this->_populate_cache($order_id);
} }
// 3. Build full BIRT URL dan fetch PDF // 3. Build full URL sesuai target endpoint dan fetch PDF
$full_url = $this->birt_base . $url; $full_url = $this->_resolve_fetch_url($url);
$context = stream_context_create([ $context = stream_context_create([
'http' => [ 'http' => [
@@ -284,6 +286,39 @@ class Birt_proxy extends MY_Controller
); );
} }
private function _resolve_fetch_url($url)
{
$url = trim((string) $url);
if ($url === '') {
return '';
}
if (preg_match('#^https?://#i', $url)) {
return $url;
}
if (strpos($url, '/birt/') === 0) {
return $this->birt_base . $url;
}
if (strpos($url, '/one-api-lab/') === 0) {
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
return $scheme . '://' . $host . $url;
}
if (strpos($url, '/tools/') === 0 || strpos($url, '/index.php/') === 0) {
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
return $scheme . '://' . $host . '/one-api-lab' . $url;
}
return $this->birt_base . $url;
}
private function _resolve_order_id_by_payment($payment_id) private function _resolve_order_id_by_payment($payment_id)
{ {
$row = $this->db_onedev->query( $row = $this->db_onedev->query(
@@ -328,8 +363,25 @@ class Birt_proxy extends MY_Controller
return trim($row['ppc_name'] ?? ''); return trim($row['ppc_name'] ?? '');
} }
private function _format_birt_string_param($value) private function _is_internal_app_url($url)
{ {
return rawurlencode("'" . (string)$value . "'"); $url = (string) $url;
return (
strpos($url, '/one-api-lab/') === 0 ||
strpos($url, '/tools/') === 0 ||
strpos($url, '/index.php/') === 0
);
}
private function _format_report_string_param($value, $is_internal_app_url = false)
{
$value = (string) $value;
if ($is_internal_app_url) {
return rawurlencode($value);
}
return rawurlencode("'" . $value . "'");
} }
} }