diff --git a/wms/mkt/pricereview_contractno-api.php b/wms/mkt/pricereview_contractno-api.php
new file mode 100644
index 00000000..2c33004b
--- /dev/null
+++ b/wms/mkt/pricereview_contractno-api.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * 客戶資料
+ * @url /pricereview_contractno-api.php
+ * @method POST
+ * @return JSON
+ * 
+ * request
+ * {
+ *  "pa"
+ * }
+ * pa : 合約號
+ * respons json
+ * {
+ *  "st" : "ok",
+ *  "err" : ""
+ * }
+ **/
+ob_start();
+include "../header.php";
+ob_end_clean();
+$rarr = array("st" => "ok", "err" => "");
+
+try {
+    if (empty($_POST) || empty($_POST["pa"])) throw new \Exception("parameter empty");
+
+    foreach ($_POST as $k => $v) {
+        $$k = htmlspecialchars(stripslashes(trim($v)));
+    }
+
+    // 基本資料
+    $db_query  = "select a.address, a.repairerid, c.contractno, c.company, c.taxid from account a, contract c ";
+    $db_query .= "where a.accountid = c.customerid and c.contractno = '$pa'";
+    $res = mysqli_query($link, $db_query);
+    if ($row = mysqli_fetch_row($res)) {
+        $rarr["address"] = $row[0];
+        $rarr["repairerid"] = $row[1];
+        $rarr["contractno"] = $row[2];
+        $rarr["company"] = $row[3];
+        $rarr["taxid"] = $row[4];
+    }
+    mysqli_free_result($res);
+
+    // 電梯編號
+    $db_query = "select facilityno from facility where contractno = '$pa' order by facilityno";
+    $res = mysqli_query($link, $db_query);
+    while ($row = mysqli_fetch_row($res)) {
+        $rarr["faci"][] = $row[0];
+    }
+    mysqli_free_result($res);
+
+    if (!isset($rarr["contractno"])) {
+        $rarr["st"] = "err";
+        $rarr["err"] = "無資料！";
+    }
+}catch(\Exception $e) {
+    $rarr["st"] = "err";
+    $rarr["err"] = $e->getMessage();
+}
+//print_r($rarr);exit;
+echo json_encode($rarr, JSON_UNESCAPED_UNICODE);
+exit;
+?>
\ No newline at end of file