diff --git a/wms/purchase-api.php b/wms/purchase-api.php
deleted file mode 100644
index c3259ef6..00000000
--- a/wms/purchase-api.php
+++ /dev/null
@@ -1,49 +0,0 @@
-<?php
-include "./header.php";
-include "T8_Authorization_curl.php";
-
-$account_id = "M0122";
-$password = "90493119";
-$GroupId = 'TEST';
-$validation = get_Auth($GroupId,$account_id,$password);
-// print_r(get_purchaseApply($conn, '123'));
-$sql_purchaseApply = "SELECT * FROM purCharge";
-$result = get_purchaseApply($conn, $sql_purchaseApply);
-print_r($result);
-
-function get_purchaseApply($conn){
-    $sql_purchaseApply = "SELECT * FROM purCharge";
-    $query_purchaseApply = $conn -> prepare($sql_purchaseApply);
-    $query_purchaseApply -> execute();
-    $result = $query_purchaseApply -> fetchAll();
-    return $result;
-}
-
-
-
-
-// print_r(get_purchase_apply($validation,$GroupId,"S230300001-14"));
-//費用申請單API 不能用
-function get_purchase_apply($validation,$GroupId,$BillNo){
-    $apiurl = "http://60.244.87.101:880//twWebAPI/V1/PURFEEAPPLY/GetERPData?pkValue=$BillNo";
-    // echo $apiurl . "\n";
-    $headerParam = [
-        'CHI_Authorization: ' . $validation,
-        'GroupId:'.$GroupId
-      ];
-      $ch = curl_init();
-  curl_setopt($ch, CURLOPT_URL, $apiurl);
-  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-  curl_setopt($ch, CURLOPT_HTTPHEADER, $headerParam);
-  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
-
-  $response = curl_exec($ch);
-  if ($response === false) {
-    echo 'Curl error: ' . curl_error($ch);
-  } else {
-    $result = json_decode($response, true);
-    print_r($result);
-  }
-
-  curl_close($ch);
-}
\ No newline at end of file
diff --git a/wms/purchase-apply-create.php b/wms/purchase-apply-create.php
new file mode 100644
index 00000000..dac47245
--- /dev/null
+++ b/wms/purchase-apply-create.php
@@ -0,0 +1,2 @@
+<?php
+echo "hello";
\ No newline at end of file
diff --git a/wms/purchase-apply-index.php b/wms/purchase-apply-index.php
index 331d2a51..3b003014 100644
--- a/wms/purchase-apply-index.php
+++ b/wms/purchase-apply-index.php
@@ -1,36 +1,89 @@
 <?php
-include "./header.php";
-include "T8_Authorization_curl.php";
-
-$account_id = "M0122";
-$password = "90493119";
-$GroupId = 'TEST';
-$validation = get_Auth();
-
-// print_r(get_purchase_apply($validation,$GroupId,"S230300001-14"));
-
-//費用申請單API 不能用
-function get_purchase_apply($validation,$GroupId,$BillNo){
-    $apiurl = "http://60.244.87.101:880//twWebAPI/V1/PURFEEAPPLY/GetERPData?pkValue=$BillNo";
-    // echo $apiurl . "\n";
-    $headerParam = [
-        'CHI_Authorization: ' . $validation,
-        'GroupId:'.$GroupId
-      ];
-      $ch = curl_init();
-  curl_setopt($ch, CURLOPT_URL, $apiurl);
-  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-  curl_setopt($ch, CURLOPT_HTTPHEADER, $headerParam);
-  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
-
-  $response = curl_exec($ch);
-  if ($response === false) {
-    echo 'Curl error: ' . curl_error($ch);
-  } else {
-    $result = json_decode($response, true);
-    print_r($result);
-  }
+include "purchase-function.php";
+$start_date = empty($_POST['date_start']) ? null : $_POST['date_start'];
+$end_date = empty($_POST['date_end']) ? null : $_POST['date_end'];
+
+$add_sql = "";
+$follower = find_follow($user_id);
 
-  curl_close($ch);
+if ((!in_array($user_id, array('M0056', 'M0108', 'M0209'))) && (!in_array(accountidToDepartId($user_id), array('220', '210')))) {
+  $add_sql .= "AND (main.PersonId = '$user_id' ";
+  if (count($follower) > 0) {
+    $column_str = "('$user_id'" . ",'";
+    $column_str .= implode("','", $follower);
+    $column_str .= "')";
+    $add_sql .= " OR main.PersonId IN $column_str)";
+  } else {
+    $add_sql .= ")";
+  };
+}
+if (!is_null($start_date)) {
+  $start_date = (int)date('Ymd', strtotime($start_date));
+  $add_sql .= " AND main.BillDate >= $start_date ";
+}
+if (!is_null($end_date)) {
+  $end_date = (int)date('Ymd', strtotime($end_date));
+  $add_sql .= " AND main.BillDate <= $end_date ";
 }
 
+$main = get_purchaseApply_index($conn, $add_sql);
+// print_r($main);
+
+?>
+<script defer src="./contract/js/alpinejs/cdn.min.js"></script>
+<h2 class="text-center"><strong>採購費用申請單 (對廠商付款)</strong></h2>
+<p>
+  <a href="purchase-apply-create.php?<?php echo $token_link; ?>" class="btn btn-info btn-sm">
+    <span class="glyphicon glyphicon-plus"></span>
+  </a>
+</p>
+
+<div class="purchase-apply-index" x-data="purchaseApplies">
+  <div style="width:98% ;margin: 1%">
+    <table class="table table-striped table-bordered" style="width:100%;">
+      <thead>
+        <tr>
+          <th>單號</th>
+          <th>申請日期</th>
+          <?php if (in_array(accountidToDepartId($user_id), array('220', '210'))) { ?>
+            <th>申請部門</th>
+          <?php } ?>
+          <th>申請人</th>
+          <th>幣別</th>
+          <th>含稅金額</th>
+        </tr>
+      </thead>
+      <tbody>
+        <template x-if="purchaseApplies.length <=0">
+          <tr>
+            <td colspan="2">無資料</td>
+          </tr>
+        </template>
+        <template x-for="purchaseApply in purchaseApplies">
+          <tr>
+            <td x-text="purchaseApply.BillNo"></td>
+            <td x-text="formatDate(purchaseApply.BillDate)"></td>
+            <?php if (in_array(accountidToDepartId($user_id), array('220', '210'))) { ?>
+              <td x-text="purchaseApply.DeptName"></td>
+            <?php } ?>
+            <td x-text="purchaseApply.PersonName"></td>
+            <td x-text="purchaseApply.CurrId === 'TWD' ? '台幣' : (purchaseApply.CurrId === 'RMB' ? '人民幣' : purchaseApply.CurrId)"></td>
+            <td x-text="purchaseApply.OAmountWithTax"></td>
+          </tr>
+        </template>
+    </table>
+  </div>
+
+</div>
+
+<script>
+  const purchaseApplies = <?php echo json_encode($main); ?>
+
+  function formatDate(date) {
+    date = date.toString();
+    var year = date.substring(0, 4);
+    var month = date.substring(4, 6);
+    var day = date.substring(6, 8);
+    return year + '-' + month + '-' + day;
+  }
+</script>
\ No newline at end of file
diff --git a/wms/purchase-function.php b/wms/purchase-function.php
new file mode 100644
index 00000000..bef96231
--- /dev/null
+++ b/wms/purchase-function.php
@@ -0,0 +1,180 @@
+<?php
+include "./header.php";
+
+$account_id = "M0122";
+$password = "90493119";
+$GroupId = 'TEST';
+$validation = get_Auth($GroupId, $account_id, $password);
+
+
+function get_Auth($groupId, $accountId, $password)
+{
+    $user_id = $accountId;
+    $user_password = $password;
+    $api_key = "A21181F1EE4966D3";
+    $GroupId = $groupId;
+
+    // 伺服器時間扣兩分鐘會比較穩定
+    // $now = gmdate("YmdHis");
+    $now = gmdate("YmdHis", strtotime("-2 minutes"));
+
+    $data = "$user_id." . $now;
+    $sign = hash_hmac('SHA256', $data, $api_key, false);
+
+    // 各種API連線網址
+    // $apiurl = 'https://erp.masada.com.tw:780/twWebAPI/GetAuth';
+    $apiurl = 'http://60.244.87.101:880//twWebAPI/GetAuth';
+    // $apiurl = 'http://10.10.145.2:880//twWebAPI/GetAuth';
+    // $apiurl = 'https://erp.masada.com.tw:780/twWebAPI/GetAuth';
+
+    $headerParam = [
+        "UserId: $user_id",
+        "Pwd: $user_password",
+        "TimestampUTC: $now",
+        "Sign: $sign",
+        "GroupId: $GroupId"
+    ];
+
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $apiurl);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($ch, CURLOPT_HTTPHEADER, $headerParam);
+
+    $response = curl_exec($ch);
+    if ($response === false) {
+        echo 'Curl error: ' . curl_error($ch);
+    } else {
+        $result = json_decode($response, true);
+        if ($result['Status'] == 'Success')
+            return $result['Data']['CHI_Authorization'];
+        if ($result['Status'] == 'Error')
+            return $result['ErrorMsg'];
+
+        print_r($result);
+    }
+
+    curl_close($ch);
+}
+
+
+function get_purchaseApply_index($conn,$add_sql)
+{
+    $sql_purchaseApply = "SELECT main.BillNo, 
+        main.BillDate, 
+        main.BizPartnerId,
+        COALESCE(Biz.BizPartnerName, '') AS BizPartnerName,
+        main.IsPriceWithTax,
+        main.OAmountWithTax, 
+        main.TaxId,
+        COALESCE(comTaxNo.TaxName, '') AS TaxName,
+        main.TaxRate,
+        main.CurrId,
+        main.PersonId,
+        COALESCE(Person.PersonName, '') AS PersonName,
+        main.DeptId, 
+        COALESCE(Dept.DeptName, '') AS DeptName,
+        main.CU_ReimbursementNo AS rib_NillNo
+      FROM purCharge AS main
+      LEFT JOIN comBusinessPartner AS Biz ON Biz.BizPartnerId = main.BizPartnerId
+      LEFT JOIN comTaxNo ON comTaxNo.TaxId = main.TaxId
+      LEFT JOIN comGroupPerson AS Person ON Person.PersonId = main.PersonId
+      LEFT JOIN comDepartment AS Dept ON Dept.DeptId = main.DeptId 
+      WHERE 1=1 ";
+      $sql_purchaseApply .= $add_sql." ORDER BY main.BillDate DESC";
+    try {
+        $query_purchaseApply = $conn->prepare($sql_purchaseApply);
+        $query_purchaseApply->execute();
+        $result = $query_purchaseApply->fetchAll();
+        return $result;
+    } catch (PDOException $ex) {
+        trigger_error($ex->getMessage(), E_USER_WARNING);
+        return array();
+    }
+}
+
+
+
+
+//費用申請單API 不能用
+function get_purchase_apply($validation, $GroupId, $BillNo)
+{
+    if (is_null($validation) || is_null($GroupId) || is_null($BillNo)) {
+        return "參數錯誤";
+    }
+    $apiurl = "http://60.244.87.101:880//twWebAPI/V1/PURFEEAPPLY/GetERPData?pkValue=$BillNo";
+    $headerParam = [
+        'CHI_Authorization: ' . $validation,
+        'GroupId:' . $GroupId
+    ];
+    $ch = curl_init();
+    if (!$ch) {
+        throw new Exception("Could not init cURL");
+    }
+    curl_setopt($ch, CURLOPT_URL, $apiurl);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($ch, CURLOPT_HTTPHEADER, $headerParam);
+    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
+
+    $response = curl_exec($ch);
+    if ($response === false) {
+        $error = curl_error($ch);
+        curl_close($ch);
+        if (is_null($error)) {
+            throw new Exception("Curl error: Unknown error");
+        } else {
+            throw new Exception("Curl error: " . $error);
+        }
+    }
+
+    $result = json_decode($response, true);
+    if (is_null($result)) {
+        throw new Exception("Failed to decode JSON data");
+    }
+    curl_close($ch);
+    return $result;
+}
+
+function transanction_purchase_apply($validation, $GroupId, $BillNo)
+{
+    date_default_timezone_set("Asia/Taipei");
+    $host = getenv('DB_HOST');
+    $dbuser = getenv('DB_USERNAME');
+    $dbpassword = getenv('DB_PASSWORD');
+    $dbname = getenv('DB_DATABASE');
+    $sqlsrv = getenv('sqlsrv');
+    $Database = getenv('Database');
+    $Account = getenv('Account');
+    $Password = getenv('Password');
+
+    try {
+        $mysqlConn = new PDO("mysql:host=$host;dbname=$dbname", $dbuser, $dbpassword);
+        $mysqlConn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+        $mssqlConn = new PDO("sqlsrv:Server=$sqlsrv;Database=$Database", $Account, $Password);
+        $mssqlConn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+        $mysqlConn->beginTransaction();
+        $mssqlConn->beginTransaction();
+
+        // 在MySQL数据库中执行插入操作
+        $mysqlInsertQuery = "INSERT INTO your_mysql_table (column1, column2) VALUES (:value1, :value2)";
+        $mysqlStatement = $mysqlConn->prepare($mysqlInsertQuery);
+        $mysqlStatement->execute(array(':value1' => 'value1', ':value2' => 'value2'));
+
+        // 在MSSQL数据库中执行插入操作
+        $mssqlInsertQuery = "INSERT INTO your_mssql_table (column1, column2) VALUES (?, ?)";
+        $mssqlStatement = $mssqlConn->prepare($mssqlInsertQuery);
+        $mssqlStatement->execute(array('value1', 'value2'));
+
+        // 提交事务
+        $mysqlConn->commit();
+        $mssqlConn->commit();
+
+        echo "Transaction successfully committed.";
+    } catch (PDOException $e) {
+        // 如果有异常发生，则回滚事务
+        $mysqlConn->rollBack();
+        $mssqlConn->rollBack();
+        echo "Transaction failed: " . $e->getMessage();
+    }
+}