-
-
+
\ No newline at end of file
diff --git a/wms/board-record-submit.php b/wms/board-record-submit.php
index d3adb28b..bfae3908 100644
--- a/wms/board-record-submit.php
+++ b/wms/board-record-submit.php
@@ -3,7 +3,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
//print_r($_POST);
//print_r($_FILES);exit;
foreach ($_POST as $k => $v) {
- $$k = htmlspecialchars(stripslashes(trim($v)));
+ // $$k = htmlspecialchars(stripslashes(trim($v)));
+ $$k = trim($v);
}
function get_basename($filename) {
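Review bot: The loop at `$$k = trim($v);` now turns every POST field into a variable with no allowlist and no encoding, so any name the client sends can overwrite a variable already in scope, and the values reach later output and SQL raw. Dropping `htmlspecialchars` at input is reasonable only if every later use escapes for its own context (prepared statements for SQL, `htmlspecialchars` at echo time); those uses are outside this hunk, so that needs checking. I would restrict the loop to the expected fields, e.g. `$allowed = [/* expected field names */];` and `if (in_array($k, $allowed, true) && is_string($v)) $$k = trim($v);`, which also avoids a TypeError from `trim()` when a field arrives as an array. The commented-out old line can be deleted rather than kept.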
diff --git a/wms/fun_global.php b/wms/fun_global.php
index aa1f8e69..5e735cd9 100644
--- a/wms/fun_global.php
+++ b/wms/fun_global.php
@@ -1,4 +1,5 @@
M0107,,"; // 業務部專員:M0024許伃廷、M0107許紓晴(第2關有多位審核人)
@@ -108,7 +113,8 @@ function pricereview_class($rate, $user_id, &$ret=[]) {
* @return array
*
*/
-function pricereview_renovate_class($rate, $user_id, $renovate_flag) {
+function pricereview_renovate_class($rate, $user_id, $renovate_flag)
+{
global $link;
$sql = "select manager from account where accountid = '$user_id'";
@@ -142,11 +148,20 @@ function pricereview_renovate_class($rate, $user_id, $renovate_flag) {
* @param string $token
* @return string
*/
-function check_user_permission($user_id, $token) {
+function check_user_permission($user_id, $token)
+{
global $link;
// 不檢查清單
- $ignore_url_arr = ['/wms/index.php', '/wms/notice-index.php', '/wms/notice-edit.php', '/wms/change-password.php', '/wms/wipwhole-change-contractdate.php', '/wms/wipwhole-change-planning-customer-name.php','/wms/test.php', '/wms/mkt/pricereview_mi-api.php'];
+ $ignore_url_arr = [
+ '/wms/index.php',
+ '/wms/notice-index.php',
+ '/wms/notice-edit.php',
+ '/wms/change-password.php',
+ '/wms/wipwhole-change-contractdate.php',
+ '/wms/wipwhole-change-planning-customer-name.php',
+ '/wms/test.php',
+ ];
if (in_array($_SERVER["SCRIPT_NAME"], $ignore_url_arr)) return;
$do = "";
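Review bot: `/wms/test.php` stays in `$ignore_url_arr`, so that script keeps skipping the permission lookup below; if it is a leftover test page, remove the entry rather than carrying it through the reformat. The reformat also drops `/wms/mkt/pricereview_mi-api.php` from the list, which changes behaviour for that endpoint and deserves its own line in the commit message because it is hidden inside a formatting change. The membership test would be safer written as `in_array($_SERVER["SCRIPT_NAME"], $ignore_url_arr, true)`. The function body continues outside this hunk.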
@@ -169,9 +184,12 @@ function check_user_permission($user_id, $token) {
mysqli_free_result($res);
if (!$do) {
- echo "無權限操作,請洽管理員。";
- exit;
- echo "";
+ // 判斷是否從藍凌過來
+ if (!empty($_GET['employee_no'])) {
+ echo "無權限操作,請洽管理員。";
+ exit;
+ }
+ echo "";
} else return $do;
}
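Review bot: The denial branch under `if (!$do)` now stops the request only when `$_GET['employee_no']` is non-empty; otherwise the function echoes an empty string and returns null, so whether an unauthorised request is blocked depends on a parameter the client supplies. Unless every caller checks the return value (not visible here), pages would continue to execute for users without permission. The deny path should stay unconditional, `echo "無權限操作,請洽管理員。"; exit;`, and any special handling for arrivals from the other system should change only the message or redirect, not whether execution stops. The `echo "";` line is a no-op and can go. The start of the function is outside this hunk.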
@@ -179,7 +197,8 @@ function check_user_permission($user_id, $token) {
* 員工編號對應姓名表
* @return array
*/
-function accountid2name() {
+function accountid2name()
+{
global $link;
$arr = [];
@@ -198,7 +217,8 @@ function accountid2name() {
* @param array $uid 員工編號
* @return array
*/
-function accountid2email($uid) {
+function accountid2email($uid)
+{
global $link;
if (is_array($uid)) $accountid = implode("','", $uid);
@@ -224,7 +244,8 @@ function accountid2email($uid) {
* @param string|array $user_id:下位簽核者
* @param string $seq:順序
*/
-function do_assign($flow_id, $id, $content, $user_id, $seq=0) {
+function do_assign($flow_id, $id, $content, $user_id, $seq = 0)
+{
global $link;
$tds = date("Y-m-d H:i:s");
@@ -279,7 +300,8 @@ function do_assign($flow_id, $id, $content, $user_id, $seq=0) {
* @param string $id:價審單序號
* @param string $content:卷號
*/
-function end_flow($system_id, $flow_id, $id, $content) {
+function end_flow($system_id, $flow_id, $id, $content)
+{
global $link;
$tds = date("Y-m-d H:i:s");
@@ -297,7 +319,7 @@ function end_flow($system_id, $flow_id, $id, $content) {
$sql = "select ekind, person from pricereview_main where id = '$id'";
$res = mysqli_query($link, $sql);
if ($row = mysqli_fetch_row($res)) {
- $content = $row[0]."價格審查結案通知 > ".$content;
+ $content = $row[0] . "價格審查結案通知 > " . $content;
$kind = ($row[0] == "新梯") ? 3 : 4;
$sql2 = "insert into notice (kind, related_id, title, permission, creater, create_at) values (";
$sql2 .= "'$kind', '$id', '$content', '$row[1]', 'system', '$tds')";
@@ -388,7 +410,7 @@ function postCheck($post_val, $default_val = null)
*/
function do_wws2_assign($user_id, $form_id, $flow_code)
{
-
+
global $link;
$tds = date("Y-m-d H:i:s");
$sql = "select appwms.nextval('form_key') form_key";
@@ -493,47 +515,50 @@ function accountidToRoleName($accountid)
* @param array $arr:[電梯種類,人乘/載重,停數,開門方式,速度]
* @return string 規格名,載重
*/
-function facility_spec($arr) {
+function facility_spec($arr)
+{
if (empty($arr)) return;
list($kind, $seat, $stop, $op, $speed) = $arr;
if (strlen($speed) == 1) $speed = str_pad($speed, 2, "0", STR_PAD_LEFT);
- $seat2weight_arr = ["A3" => 320, "A8" => 320, "G10" => 320, "G20" => 320, "G5" => 320, "G6" => 320,
- "280-1-A" => 280, "280-1-L" => 280, "280-2-A" => 280, "280-2-L" => 280,
- "320-1-A" => 320, "320-1-L" => 320, "320-2-A" => 320, "320-2-L" => 320,
- "6" => 450, "8" => 550, "9" => 600, "10" => 700, "11" => 750, "12" => 800,
- "13" => 900, "15" => 1000, "17" => 1150, "20" => 1350, "24" => 1600];
+ $seat2weight_arr = [
+ "A3" => 320, "A8" => 320, "G10" => 320, "G20" => 320, "G5" => 320, "G6" => 320,
+ "280-1-A" => 280, "280-1-L" => 280, "280-2-A" => 280, "280-2-L" => 280,
+ "320-1-A" => 320, "320-1-L" => 320, "320-2-A" => 320, "320-2-L" => 320,
+ "6" => 450, "8" => 550, "9" => 600, "10" => 700, "11" => 750, "12" => 800,
+ "13" => 900, "15" => 1000, "17" => 1150, "20" => 1350, "24" => 1600
+ ];
switch ($kind) {
case "MAQ100":
$weight = $seat2weight_arr[$seat];
- $ret = $kind."-".$weight."-".$stop."-".$op.$speed;
+ $ret = $kind . "-" . $weight . "-" . $stop . "-" . $op . $speed;
break;
case "MAP100":
$weight = $seat2weight_arr[$seat];
- $ret = $kind."-".$weight."*".$stop."-".$op.$speed;
+ $ret = $kind . "-" . $weight . "*" . $stop . "-" . $op . $speed;
break;
case "MAM200":
case "MAH100":
$weight = $seat2weight_arr[$seat];
- $ret = $kind."-".$seat."*".$stop."-".$op.$speed;
+ $ret = $kind . "-" . $seat . "*" . $stop . "-" . $op . $speed;
break;
case "MAF100":
$weight = $seat;
- $ret = $kind."-".$seat."*".$stop."-".$op.$speed;
+ $ret = $kind . "-" . $seat . "*" . $stop . "-" . $op . $speed;
break;
case "MAE100":
$weight = $seat2weight_arr[$seat];
- $ret = $kind."-".$seat."*".$stop."-".$op.$speed;
+ $ret = $kind . "-" . $seat . "*" . $stop . "-" . $op . $speed;
break;
case "M1+M4(2:1)":
case "M1+M4(1:1)":
case "M1":
$weight = $seat2weight_arr[$seat];
- $ret = "P".$seat."-".$seat2weight_arr[$seat]."-".$op."-".$speed."-".$stop;
+ $ret = "P" . $seat . "-" . $seat2weight_arr[$seat] . "-" . $op . "-" . $speed . "-" . $stop;
break;
default:
$weight = $ret = "";
}
- return $ret.",".$weight;
+ return $ret . "," . $weight;
}
/**
@@ -541,7 +566,8 @@ function facility_spec($arr) {
* @param array $arr:[簽核人1,簽核人2,簽核人3,簽核人4]
* @return array 進度,下位審批人
*/
-function sign_status($arr) {
+function sign_status($arr)
+{
$ret = [];
foreach ($arr as $k => $sign) {
$sign_nos = 0;
@@ -554,7 +580,7 @@ function sign_status($arr) {
}
}
if (count($sign_arr) == $sign_nos) {
- $ret["sign_st"] = $k+1;
+ $ret["sign_st"] = $k + 1;
$ret["sign_nt"] = $sign_nt_arr;
return $ret;
}
@@ -566,9 +592,10 @@ function sign_status($arr) {
return $ret;
}
-function getAccounttype($link,$user_id){
- $sql = "SELECT * FROM account where accountid = '$user_id'";
- $data = mysqli_query($link, $sql);
+function getAccounttype($link, $user_id)
+{
+ $sql = "SELECT * FROM account where accountid = '$user_id'";
+ $data = mysqli_query($link, $sql);
$row = mysqli_fetch_array($data, MYSQLI_ASSOC);
return $row['accounttype'];
-}
\ No newline at end of file
+}
diff --git a/wms/sign/list.php b/wms/sign/list.php
index 7fc3c622..d71993d1 100644
--- a/wms/sign/list.php
+++ b/wms/sign/list.php
@@ -27,12 +27,44 @@ function getWipwholestatusDataByFormkey($link, $form_key, $flow_id)
*
FROM wipwholestatus
WHERE id = '" . $row['form_id'] . "'
+ ANd status = '1'
";
$result = mysqli_query($link, $sql);
$row = mysqli_fetch_assoc($result);
return $row;
}
+function getwipwholeChangeContractdateDetailsDataByFormkey($link, $form_key, $flow_id)
+{
+ $sql = "
+ SELECT
+ form_id
+ FROM flow
+ WHERE form_key = '$form_key'
+ AND system_id = 'wws'
+ AND flow_id = '$flow_id'
+ ";
+ $result = mysqli_query($link, $sql);
+ $row = mysqli_fetch_assoc($result);
+ $sql = "
+ SELECT
+ wipwholestatus_id
+ FROM wipwhole_change_contractdate_details
+ WHERE id = '" . $row['form_id'] . "'
+ ";
+ $result = mysqli_query($link, $sql);
+ $row = mysqli_fetch_assoc($result);
+ $sql = "
+ SELECT
+ *
+ FROM wipwholestatus
+ WHERE id = '" . $row['wipwholestatus_id'] . "'
+ ANd status = '1'
+ ";
+ $result = mysqli_query($link, $sql);
+ $row = mysqli_fetch_assoc($result);
+ return $row;
+}
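Review bot: The new `getwipwholeChangeContractdateDetailsDataByFormkey` builds all three queries by interpolating `$form_key`, `$flow_id` and row values into the SQL string, and it indexes `$row['form_id']` and `$row['wipwholestatus_id']` without checking that the previous lookup returned a row. In this file `$flow_id` is read from `$_GET`/`$_POST`, so the values are probably request-controlled; the queries should use prepared statements with bound parameters and return early when a lookup is empty. The same applies to `$where_system_id` and `$where_flow_id` in the next hunk, which are concatenated into `$sql_get` from request input. `ANd` should be spelled `AND` for consistency with the rest of the query.
```php
function getwipwholeChangeContractdateDetailsDataByFormkey($link, $form_key, $flow_id)
{
    $stmt = mysqli_prepare($link, "
        SELECT form_id
        FROM flow
        WHERE form_key = ?
        AND system_id = 'wws'
        AND flow_id = ?
    ");
    mysqli_stmt_bind_param($stmt, 'ss', $form_key, $flow_id);
    mysqli_stmt_execute($stmt);
    $row = mysqli_fetch_assoc(mysqli_stmt_get_result($stmt));
    if (!$row) {
        return null; // no flow record for this form_key / flow_id
    }
    // … same prepare / bind / null-check pattern for wipwhole_change_contractdate_details (bind $row['form_id']) …
    // … and for wipwholestatus (bind $row['wipwholestatus_id'], keep AND status = '1') …
    return $row;
}
```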
$system_id = $_SERVER['REQUEST_METHOD'] == 'GET' ? @$_GET['system_id'] : @$_POST['system_id'];
$where_system_id = " and a.system_id like '" . $system_id . "%'";
@@ -40,15 +72,28 @@ $where_system_id = " and a.system_id like '" . $system_id . "%'";
$flow_id = $_SERVER['REQUEST_METHOD'] == 'GET' ? @$_GET['flow_id'] : @$_POST['flow_id'];
$where_flow_id = " and b.flow_id like '" . $flow_id . "%'";
-$sql_get = "select c.form_key, a.system_id,b.flow_id ,a.system_name,c.current_assigner,
- concat(c.current_assigner ,'-',f_return_name(c.current_assigner)) current_assigner_name ,
- flow_name,c.update_date ,c.create_date,b.path,d.flow_code from system_main a,flow_main b ,subflow
- c,flow d
- where a.system_id=b.system_id
- and b.flow_id=d.flow_id
- and c.current_assigner='$user_id'
- and d.flow_id=b.flow_id
- and c.form_key=d.form_key
+$sql_get = "
+ select
+ c.form_key,
+ a.system_id,
+ b.flow_id ,
+ a.system_name,
+ c.current_assigner,
+ concat(
+ c.current_assigner ,
+ '-',f_return_name(c.current_assigner)
+ ) current_assigner_name ,
+ flow_name,
+ c.update_date ,
+ c.create_date,
+ b.path,
+ d.flow_code
+ from system_main a,flow_main b ,subflow c,flow d
+ where a.system_id=b.system_id
+ and b.flow_id=d.flow_id
+ and c.current_assigner='$user_id'
+ and d.flow_id=b.flow_id
+ and c.form_key=d.form_key
$where_system_id
$where_flow_id
";
@@ -173,7 +218,7 @@ $flow_name_opt = (array_unique($flow_name_opt, SORT_REGULAR));
作番號:= $facilityno ?>
+ ">
+ 作番大日程-合約號:= $contractno ?> 作番號:= $facilityno ?>
+
+
">
diff --git a/wms/wipwhole-change-contractdate-function.php b/wms/wipwhole-change-contractdate-function.php
index a839e669..6dda40a9 100644
--- a/wms/wipwhole-change-contractdate-function.php
+++ b/wms/wipwhole-change-contractdate-function.php
@@ -436,6 +436,7 @@ function getShengguanokOptions($link)
FROM `account`
WHERE `department_id` IN ('250')
AND `role_id` IN ('1','4')
+ ORDER BY accountid DESC
";
return mysqli_query($link, $sql);
}
@@ -598,16 +599,17 @@ function getAssignStatusSelect($link, $user_id, $nowFormStatus)
} else {
$options_str .= "";
}
- }
- if (in_array(checkNowFormStatus($link), ['A', 'D'])) {
- if (accountidToDepartId($user_id) == "250" && in_array(accountidToRoleId($user_id), ["1", "4"]))
- $options_str .= "";
- $options_str .= "";
- }
- if (checkNowFormStatus($link) == 'B') {
- if (in_array(getDepartmentId($link, $user_id), ['521', '531', '541', '542', '543', '544', '545']))
- $options_str .= "";
- $options_str .= "";
+ }else{
+ if (in_array(checkNowFormStatus($link), ['A', 'D'])) {
+ if (accountidToDepartId($user_id) == "250" && in_array(accountidToRoleId($user_id), ["1", "4"]))
+ $options_str .= "";
+ $options_str .= "";
+ }
+ if (checkNowFormStatus($link) == 'B') {
+ if (in_array(getDepartmentId($link, $user_id), ['521', '531', '541', '542', '543', '544', '545']))
+ $options_str .= "";
+ $options_str .= "";
+ }
}
$options_str .= "";
return $options_str;
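Review bot: Inside the new `else` branch the two brace-less `if` statements each guard only the first `$options_str .=` line, while the second append runs unconditionally although it is indented as if it belonged to the `if`; add braces so the intended scope is explicit. `checkNowFormStatus($link)` is called twice although the function already receives `$nowFormStatus`; if they are meant to be the same value, use the parameter. The department list `['521', '531', '541', '542', '543', '544', '545']` is repeated verbatim in `wipwhole-change-contractdate.php` later in this commit; a shared constant with `in_array(..., true)` would keep the two permission checks from drifting apart. The start of the function is outside this hunk.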
diff --git a/wms/wipwhole-change-contractdate.php b/wms/wipwhole-change-contractdate.php
index 35aa30b0..a2276667 100644
--- a/wms/wipwhole-change-contractdate.php
+++ b/wms/wipwhole-change-contractdate.php
@@ -340,7 +340,7 @@ if (!empty(checkNowFormStatus($link)))
";
} else if (checkNowFormStatus($link) == 'B') {
- if (getDepartmentId($link, $user_id) == '521' || getDepartmentId($link, $user_id) == '531') {
+ if (in_array(getDepartmentId($link, $user_id), ['521', '531', '541', '542', '543', '544', '545'])){
echo " |