diff --git a/phb/map/tw.html b/phb/map/tw.html index ecfdae00..e7991d8e 100644 --- a/phb/map/tw.html +++ b/phb/map/tw.html @@ -301,7 +301,7 @@ var schedule_detail = ""; // 補丁 actualdate = 展示太久沒更新保養日期做假資料 - actualdate = fakeActualdate(actualdate); + // actualdate = fakeActualdate(actualdate); if (sid > 0) { schedule_detail += '
  • 保養明細 '; diff --git a/phb/map/tw_fake.html b/phb/map/tw_fake.html new file mode 100644 index 00000000..ecfdae00 --- /dev/null +++ b/phb/map/tw_fake.html @@ -0,0 +1,637 @@ + + + + + + + + + 電梯地圖 + + + + + + + +
    + + + + + + + + + + + + + + \ No newline at end of file diff --git a/wms/T8_APItest_from_bpm.php b/wms/T8_APItest_from_bpm.php new file mode 100644 index 00000000..db6d10a5 --- /dev/null +++ b/wms/T8_APItest_from_bpm.php @@ -0,0 +1,99 @@ + "stkAssyMast", + "rows" => [ + [ + "BillNo" => "TEST06", + "OrgId" => "1000", + "TypeId" => "CA", + "MaterialId" => "3MH00302", + "PersonId" => "M0122", + "CompId" => "1001", + "DeptId" => "220", + "SQuantity" => 1, + "SUnitId" => "SET", + "CurrentState" => 2, + "CreatorId" => "M0122" + ] + ] + ], + [ + "name" => "stkAssySubMatInfo", + "rows" => [ + [ + "BillNo" => "TEST06", + "MaterialId" => "3MH00302P", + "ComponentBaseQty" => 1, + "UnitQty" => 1, + "SUnitId" => "SET", + "MarkerNo" => "3MH00302", + "CU_MaterialId" => "3MH00302" + ], + [ + "BillNo" => "TEST06", + "MaterialId" => "MX00000001", + "ComponentBaseQty" => 1, + "UnitQty" => 3, + "SUnitId" => "PCS", + "MarkerNo" => "3MH00302", + "CU_MaterialId" => "3MH00302" + ] + ] + ] + ]; + + $json = json_encode($body); + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $apiurl); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_HTTPHEADER, $headerParam); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); + curl_setopt($ch, CURLOPT_POSTFIELDS, $json); + + $response = curl_exec($ch); + + if ($response === false) { + echo 'Curl error: ' . curl_error($ch); + } else { + $result = json_decode($response, true); + echo $result['Status'] . "\n"; + echo $result['ErrorMsg'] . "\n"; + print_r($result['Data']); + } + + curl_close($ch); +} diff --git a/wms/T8_Authorization_from_bpm.php b/wms/T8_Authorization_from_bpm.php new file mode 100644 index 00000000..125ee65e --- /dev/null +++ b/wms/T8_Authorization_from_bpm.php 
@@ -0,0 +1,43 @@ +"; + date_default_timezone_set('Asia/Taipei'); + $currentTimestamp = time(); + $hashReferer = ""; + for ($i = -3; $i <= 3; $i++) { + $modifiedTimestamp = strtotime("$i seconds", $currentTimestamp); + $formattedTime = date("Y-m-d H:i:s", $modifiedTimestamp); + $hashReferer .= md5("https://bpm.masada.com.twMasada@2023".$formattedTime); + } + echo $hashReferer; + if (strpos($hashReferer, $referer)) { + echo "login"; + } +} else { + echo "沒有 HTTP_REFERER 資訊可用"; +} +echo "
    "; +if(isset($_SERVER['HTTP_REFERER'])) { + $referrer = $_SERVER['HTTP_REFERER']; + echo "來自於: $referrer"; +} else { + echo "沒有 referrer 資訊可用"; +} +echo "
    "; +if (isset($_SERVER['REMOTE_ADDR'])) { + $visitor_ip = $_SERVER['REMOTE_ADDR']; + echo "訪問者的 IP 地址是: $visitor_ip"; +} else { + echo "REMOTE_ADDR : 無法獲取訪問者的 IP 地址"; +} +echo "
    "; +if (isset($_SERVER['HTTP_CLIENT_IP'])) { + $visitor_ip = $_SERVER['HTTP_CLIENT_IP']; + echo "訪問者的 IP 地址是: $visitor_ip"; +} else { + echo "HTTP_CLIENT_IP : 無法獲取訪問者的 IP 地址"; +} +echo "
    "; + +if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $visitor_ip = $_SERVER['HTTP_X_FORWARDED_FOR']; + echo "訪問者的 IP 地址是: $visitor_ip"; +} else { + echo "HTTP_X_FORWARDED_FOR : 法獲取訪問者的 IP 地址"; +} +echo "
    "; + + +?> + +displayPage(); -function CreateToken($user_id, $user_name) { - date_default_timezone_set("Asia/Taipei"); - $start_time = date("Y-m-d H:i:s"); - $end_time = date('Y-m-d H:i:s',strtotime('+24 hour')); #设定24小时 - $info = $user_id . '.' . base64_encode(urlencode($user_name)) . '.' . $start_time . '.' . $end_time; //设置token过期时间为一天 - $encryption_code = "MASADA!^***"; - //根据以上信息信息生成签名(密钥为 SIGNATURE 自定义全局常量) - $signature = hash_hmac('md5', $info, $encryption_code); - //最后将这两部分拼接起来,得到最终的Token字符串 - return $token = $info . '.' . $signature; +function CreateToken($user_id, $user_name) +{ + date_default_timezone_set("Asia/Taipei"); + $start_time = date("Y-m-d H:i:s"); + $end_time = date('Y-m-d H:i:s', strtotime('+24 hour')); #设定24小时 + $info = $user_id . '.' . base64_encode(urlencode($user_name)) . '.' . $start_time . '.' . $end_time; //设置token过期时间为一天 + $encryption_code = "MASADA!^***"; + //根据以上信息信息生成签名(密钥为 SIGNATURE 自定义全局常量) + $signature = hash_hmac('md5', $info, $encryption_code); + //最后将这两部分拼接起来,得到最终的Token字符串 + return $token = $info . '.' . $signature; } require_once dirname(__FILE__) . 
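Review bot: `strpos($hashReferer, $referer)` is not an equality check: it is truthy for any value that merely occurs somewhere inside the seven concatenated digests, and falsy (offset 0) for a correct digest of the first candidate. `echo $hashReferer;` also prints every currently accepted digest into the response and should be removed. Compare one candidate at a time with `hash_equals()` instead; the same `strpos` test is repeated in the `@@ -53,34 +54,49 @@` hunk further down, where it gates token creation. The shared secret appended to the origin string is committed in source and hashed with plain MD5, so it should move to configuration outside the repository and become an HMAC key, which needs a matching change on the sending side. The start of this file is not readable on the page, so the fence assumes `$referer` is a string.

```php
$matched = false;
for ($i = -3; $i <= 3; $i++) {
    // … unchanged: $modifiedTimestamp / $formattedTime computation …
    // $sharedSecret is a placeholder name for the value loaded from configuration
    $expected = md5("https://bpm.masada.com.tw" . $sharedSecret . $formattedTime);
    // whole-string, constant-time comparison against a single candidate
    $matched = hash_equals($expected, $referer) || $matched;
}
if ($matched) {
    echo "login";
}
```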
"/../mkt/database.php"; include "fun_global.php"; if (isset($_REQUEST["function_name"])) { - $function_name = $_REQUEST["function_name"]; - $function_flag = True; + $function_name = $_REQUEST["function_name"]; + $function_flag = True; } else { - $function_name = ""; - $function_flag = False; + $function_name = ""; + $function_flag = False; } /** * 連線T8 MSSQL */ -// try { -// $conn = new PDO("sqlsrv:Server=10.10.145.2;Database=T8MASADA", "masada", "@m222222"); -// if ($conn) { -// $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); -// } -// } catch (PDOException $e) { -// //echo "fail"; -// //echo $e->getMessage(); -// } +try { + $conn = new PDO("sqlsrv:Server=erp.masada.com.tw;Database=T8MASADA", "masada", "ztPmPP!HRoV6SL3E"); + if ($conn) { + $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + } +} catch (PDOException $e) { + //echo "fail"; + //echo $e->getMessage(); +} 
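Review bot: The re-enabled `new PDO("sqlsrv:Server=erp.masada.com.tw;…")` call carries the ERP database account and password as string literals, so they are now in the repository history and readable by everyone who can read the repository. Load them from configuration kept outside version control, e.g. `new PDO($cfg['t8_dsn'], $cfg['t8_user'], $cfg['t8_pass'])` (placeholder names), and rotate the password that was committed. The `catch (PDOException $e)` body holds only commented-out echoes, so a failed connection leaves `$conn` unset without any trace; at minimum add `error_log($e->getMessage());`. The file header for this hunk is not visible on the page.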
@@ -53,34 +54,49 @@ if (isset($_REQUEST["function_name"])) { * $login_dt 登入時間 * $user_auth 使用權限:1,2,3 *****************************/ -$token = $_REQUEST["token"]; +$token = isset($_REQUEST["token"]) ? $_REQUEST["token"] : ""; if (count(explode(".", $token)) > 1) { - $token_link = "token=" . $_REQUEST["token"]; - list($user_id, $enc_user_name, $login_dt) = explode(".", $token); - $user_name = urldecode(base64_decode($enc_user_name)); + $token_link = "token=" . $_REQUEST["token"]; + list($user_id, $enc_user_name, $login_dt) = explode(".", $token); + $user_name = urldecode(base64_decode($enc_user_name)); } else { - $user_id = !empty($_GET["employee_no"]) ? $_GET["employee_no"] : $user_id; - $login_dt = !empty($_GET["timestamp"]) ? substr($_GET["timestamp"], 0, 10) : $login_dt; - $login_dt = date('Y-m-d H:i:s', $login_dt); - $user_name = accountid2name()[$user_id]; - $token = CreateToken($user_id,$user_name); - $token_link = "token=" . $token; + $referrer = isset($_GET['referer']) ? $_GET['referer'] : ""; + date_default_timezone_set('Asia/Taipei'); + $currentTimestamp = time(); + $hashReferer = ""; + for ($i = -3; $i <= 3; $i++) { + $modifiedTimestamp = strtotime("$i seconds", $currentTimestamp); + $formattedTime = date("Y-m-d H:i:s", $modifiedTimestamp); + $hashReferer .= md5("https://bpm.masada.com.twMasada@2023" . $formattedTime); + } + if (strpos($hashReferer, $referrer)) { + $user_id = !empty($_GET["employee_no"]) ? $_GET["employee_no"] : $user_id; + $login_dt = !empty($_GET["timestamp"]) ? substr($_GET["timestamp"], 0, 10) : $login_dt; + $login_dt = date('Y-m-d H:i:s', $login_dt); + // 藍凌超連結過來 token 設置永久 + $login_dt = (date("Y") + 100) . "-12-31 23:59:59"; + $user_name = accountid2name()[$user_id]; + $token = CreateToken($user_id, $user_name); + $token_link = "token=" . 
$token; + } else { + echo "非法訪問!"; + echo ""; + } } - include 'IncludeCommon.php'; $includecommon = new IncludeCommon(); $accounttype = getAccounttype($link, $user_id); $login_json = null; if (strlen($accounttype) != 0) { - $jsonres['menu'] = $includecommon->menu_v3($user_id, $accounttype); - $login_json = json_encode($jsonres, JSON_UNESCAPED_UNICODE); + $jsonres['menu'] = $includecommon->menu_v3($user_id, $accounttype); + $login_json = json_encode($jsonres, JSON_UNESCAPED_UNICODE); } ?> - - - - Masada後臺系統 - - - - - - - - - + + + + + + - \ No newline at end of file +
    + + +
    + \ No newline at end of file diff --git a/wms/loginapi.php b/wms/loginapi.php index 63a1cbb2..38ccc299 100644 --- a/wms/loginapi.php +++ b/wms/loginapi.php @@ -18,7 +18,7 @@ if(!empty($_REQUEST["account"])&& !empty($_REQUEST["password"])) { $accounttype = $row['accounttype']; $user_name = $row['name']; // 修正小寫登入 token 會帶入小寫的bug //M0117修改于 2023/07/31 13:45 - $accountid = $row['accountid']; + $accountid = strtoupper($row['accountid']); if (strlen($accounttype) != 0) { // B=保養員 M=永佳捷員工 E=管理員 if ($accounttype == "B" || $accounttype == "M" || $accounttype == "E" || $accounttype == "W"){ diff --git a/wms/wipwhole-index-function.php b/wms/wipwhole-index-function.php index e26a6d94..c4ddabc9 100644 --- a/wms/wipwhole-index-function.php +++ b/wms/wipwhole-index-function.php @@ -772,11 +772,12 @@ function getGongWuokNo($link) // 取得生管部主管編號 function getShengGuanokLeaderNo($link) { + return "M0079"; $sql = " SELECT accountid FROM `account` - WHERE `department_id` = '321' - AND `role_id` = '1'; + WHERE `department_id` = '250' + AND `role_id` = '4'; "; $result = mysqli_query($link, $sql); $row = mysqli_fetch_array($result); diff --git a/wms/wipwhole-index-table-html.php b/wms/wipwhole-index-table-html.php index 5ba74871..4572b2cc 100644 --- a/wms/wipwhole-index-table-html.php +++ b/wms/wipwhole-index-table-html.php @@ -1,13 +1,4 @@ "table_index2", - "A" => "table_index3", - "B" => "table_index4", - "G" => "table_index5", - "CH" => "table_index6", - "Z" => "table_index7" -); - // 暫時可編輯及刪除權限 $update_delete_status = false; if (in_array($user_id, ['M0175', 'M0079'])) { @@ -15,7 +6,7 @@ if (in_array($user_id, ['M0175', 'M0079'])) { } ?> - +
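Review bot: The `else` branch that prints `非法訪問!` does not stop the request, so as far as the hunk shows execution continues into `getAccounttype($link, $user_id)` and the menu build with `$user_id` and `$token` never assigned; add `exit;` right after the message. In the accepted branch `employee_no` comes straight from `$_GET` and is handed to `CreateToken()`, while the digest check covers only the origin string and the time, so the link is not bound to the employee it logs in; `employee_no` should be part of the signed string. The line `$login_dt = (date("Y") + 100) . "-12-31 23:59:59";` overwrites the value computed two lines above, and `$login_dt` is not passed to `CreateToken()`, which still stamps its own 24-hour window, so the comment about a permanent token does not match the visible code. `accountid2name()[$user_id]` should also be checked for a missing key before a token is created.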
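Review bot: `return "M0079";` as the first statement of `getShengGuanokLeaderNo()` makes the query below it unreachable, so the edit to `department_id = '250'` / `role_id = '4'` in the same hunk has no effect and the approver for this stage is pinned to one account in code. Either drop the early return and let the corrected query decide, or delete the dead query and mark the override with a comment such as `// TEMP: hard-coded approver, remove once the account lookup is verified`. The identical change is made in `wms/wipwhole-renovate-index-function.php` (`@@ -244,11 +244,12 @@`). The function body continues outside the hunk.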
    $data) : + foreach ($data as $key => $data) : //規格 $Specification = $data['facility_kind']; diff --git a/wms/wipwhole-index.php b/wms/wipwhole-index.php index 9f87ec09..ff37bb22 100644 --- a/wms/wipwhole-index.php +++ b/wms/wipwhole-index.php @@ -40,9 +40,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { } } -// 宣告主資料空陣列 -$data = array(); - // 取得當前使用者所屬部門 $department_id = getDepartmentId($link, $user_id); // 取得當前使用者所屬職位 
@@ -62,30 +59,27 @@ $site_survey_contact_verify = !isset($_REQUEST['site_survey_contact_verify']) ? $real_contract_arrival_date_start = empty($_REQUEST['real_contract_arrival_date_start']) ? null : $_REQUEST['real_contract_arrival_date_start']; $real_contract_arrival_date_end = empty($_REQUEST['real_contract_arrival_date_end']) ? null : $_REQUEST['real_contract_arrival_date_end']; $area_no = !isset($_REQUEST['area_no']) ? '' : $_REQUEST['area_no']; +$sheetNum = empty($_GET['sheetNum']) ? 'All' : $_GET['sheetNum']; + +$tableArr = array( + "All" => "", + "A" => "A", + "B" => "B", + "G" => "G", + "CH" => "C,H", + "Z" => "Z" +); +if (empty($sheetNum) || $sheetNum == "All") { + $sql = getDataSql($department_id, $role_id, $user_id); +} else { + $sql = getDataSqlByFlowCode($department_id, $role_id, $user_id, $tableArr[$sheetNum]); +} // 取得資料 sql -$sql = getDataSql($department_id, $role_id, $user_id); $data = mysqli_query($link, $sql); -// 取得資料(營業部門階段) sql -$sql = getDataSqlByFlowCode($department_id, $role_id, $user_id, "A"); -$dataA = mysqli_query($link, $sql); -// 取得資料(設計部門階段) sql -$sql = getDataSqlByFlowCode($department_id, $role_id, $user_id, "B"); -$dataB = mysqli_query($link, $sql); -// 取得資料(工勘部門階段) sql -$sql = getDataSqlByFlowCode($department_id, $role_id, $user_id, "G"); -$dataG = mysqli_query($link, $sql); - -// 取得資料(生管階段) sql -$sql = getDataSqlByFlowCode($department_id, $role_id, $user_id, "C,H"); -$dataCH = mysqli_query($link, $sql); - -// 取得資料(結案階段) sql -$sql = getDataSqlByFlowCode($department_id, $role_id, $user_id, "Z"); -$dataZ = mysqli_query($link, $sql); ?>
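Review bot: `$tableArr[$sheetNum]` is indexed with the raw `$_GET['sheetNum']`, so any value other than the six keys raises an undefined-index warning and passes `null` to `getDataSqlByFlowCode()`. Validate it before the `if`, e.g. `if (!array_key_exists($sheetNum, $tableArr)) { $sheetNum = 'All'; }`. The `empty($sheetNum)` test in the condition is redundant because the assignment above already maps empty input to `'All'`. The result of `mysqli_query()` is also used without a check for `false`, which matters now that the included table template iterates `$data` directly.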
    @@ -308,22 +302,11 @@ $dataZ = mysqli_query($link, $sql);
    $data, - "A" => $dataA, - "B" => $dataB, - "G" => $dataG, - "CH" => $dataCH, - "Z" => $dataZ -); -foreach ($dataArr as $key => $val) { - if ($val) : - $dataDetailsArr = $val; - echo "
    "; - include "wipwhole-index-table-html.php"; - echo "
    "; - endif; -} + +echo "
    "; +include "wipwhole-index-table-html.php"; +echo "
    "; + // 結束連線 @@ -346,14 +329,13 @@ mysqli_close($link); } "; - // } else { - // echo ""; - // } + if (checkWwsAssianStatus($link, $user_id, $id)) { + echo ""; + } else { + echo ""; + } } } @@ -1029,8 +1054,8 @@ function checkWwsAssianStatus($link, $user_id, $id = null) $data['designleadermail'] = accountid2email([getSheJiokLeaderNo($link)])[getSheJiokLeaderNo($link)]; $data['gongwokname'] = accountid2name(getGongWuokNo($link))[getGongWuokNo($link)]; $data['gongwokmail'] = accountid2email([getGongWuokNo($link)])[getGongWuokNo($link)]; - $data['shengguanokname'] = accountid2name(getShengGuanokLeaderNo($link))[getShengGuanokLeaderNo($link)]; - $data['shengguanokmail'] = accountid2email([getShengGuanokLeaderNo($link)])[getShengGuanokLeaderNo($link)]; + $data['shengguanname'] = accountid2name(getShengGuanokLeaderNo($link))[getShengGuanokLeaderNo($link)]; + $data['shengguanmail'] = accountid2email([getShengGuanokLeaderNo($link)])[getShengGuanokLeaderNo($link)]; // 確認營業階段 // 非主管進入主管階段 diff --git a/wms/wipwhole-rec-invoice-edit.php b/wms/wipwhole-rec-invoice-edit.php index d4aad087..acc986dc 100644 --- a/wms/wipwhole-rec-invoice-edit.php +++ b/wms/wipwhole-rec-invoice-edit.php @@ -1158,15 +1158,18 @@ include "wipwhole-rec-invoice-edit-submit.php"; if (checkNowFormGStatus($link) == 'Z' && checkNowFormYDStatus($link) == 'Z' && ($user_department_id == 220 || $user_department_id == 321)) { ?> - - + // if ($user_id == 'M0168') { + ?> + diff --git a/wms/wipwhole-renovate-index-function.php b/wms/wipwhole-renovate-index-function.php index 280e893b..a537c833 100644 --- a/wms/wipwhole-renovate-index-function.php +++ b/wms/wipwhole-renovate-index-function.php 
@@ -244,11 +244,12 @@ function getGongWuokNo($link) // 取得生管部主管編號 function getShengGuanokLeaderNo($link) { + return "M0079"; $sql = " SELECT accountid FROM `account` - WHERE `department_id` = '321' - AND `role_id` = '1'; + WHERE `department_id` = '250' + AND `role_id` = '4'; "; $result = mysqli_query($link, $sql); $row = mysqli_fetch_array($result); diff --git a/wms/wipwhole-renovate-index-table-html.php b/wms/wipwhole-renovate-index-table-html.php index 3be85123..78f863bc 100644 --- a/wms/wipwhole-renovate-index-table-html.php +++ b/wms/wipwhole-renovate-index-table-html.php @@ -1,13 +1,4 @@ "table_index2", - "A" => "table_index3", - "B" => "table_index4", - "C" => "table_index5", - "D" => "table_index6", - "Z" => "table_index7" -); - // 暫時可編輯及刪除權限 $update_delete_status = false; if (in_array($user_id, ['M0175', 'M0079'])) { @@ -15,7 +6,7 @@ if (in_array($user_id, ['M0175', 'M0079'])) { } ?> -
    +
    $data) : + foreach ($data as $key => $data) : //規格 $Specification = $data['facility_kind']; diff --git a/wms/wipwhole-renovate-index.php b/wms/wipwhole-renovate-index.php index f38bbd42..6f22b60d 100644 --- a/wms/wipwhole-renovate-index.php +++ b/wms/wipwhole-renovate-index.php @@ -1,6 +1,5 @@