<?php

/**
 * 組sql語法：限制可查詢範圍
 * 系統管理員、總經理權限全開
 * 
 * @param string $user_id:使用者ID
 * @param string $column:欄位名稱
 * 
 * @return string
 */
function sql_myself($user_id, $column = "creater")
{
    global $link;

    $follower_arr = []; // 下屬列表
    $sql_cmd = "where ($column = '$user_id'";
    $follower_arr = find_follow($user_id);
    if (count($follower_arr) > 0) {
        $column_str = implode("','", $follower_arr);
        $sql_cmd .= " or ($column in ('$column_str'))";
    }
    $sql_cmd .= ")";

    $sql = "select department_id from account where accountid = '$user_id'";
    $res = mysqli_query($link, $sql);
    $row = mysqli_fetch_assoc($res);
    $department_id = $row["department_id"];
    if ($department_id == "20" || $department_id == "220") $sql_cmd = "";

    return $sql_cmd;
}


/**
 * 下屬列表
 * @param string $user_id:使用者ID
 * @param array $ret:下屬ID
 * @return array
 */
function find_follow($user_id, &$ret = [])
{
    global $link;

    $sql = "select accountid from account where manager = '$user_id'";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_assoc($res)) {
        $ret[] = $row["accountid"];
        find_follow($row["accountid"], $ret);
    }
    mysqli_free_result($res);

    return $ret;
}

/**
 * 上級主管排列
 * @param string $user_id:使用者ID
 * @param array $ret:上級主管ID
 * @return array
 */
function manage_class($user_id, &$ret = [])
{
    global $link;

    $sql = "select manager from account where accountid = '$user_id'";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_assoc($res)) {
        if ($row["manager"] == "M0001") return; // 董事長略過
        $ret[] = $row["manager"];
        manage_class($row["manager"], $ret);
    }
    mysqli_free_result($res);

    return $ret;
}

/**
 * 新梯(營銷)價審簽核順位
 * @param string $rate:破價比
 * @param string $user_id:使用者ID
 * @param array $ret:簽核人ID
 * @return array
 * 
 */
function pricereview_class($rate, $user_id, &$ret = [])
{
    global $link;

    $sql = "select manager from account where accountid = '$user_id'";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_assoc($res)) {
        if ($row["manager"] == "M0001") return; // 董事長略過
        if ($row["manager"] != "M0060" && $row["manager"] != "M0006" && $row["manager"] != "M0008") {
            $ret[1] = $row["manager"] . ",,";
            pricereview_class($rate, $row["manager"], $ret);
        } else {
            $ret[2] = "M0024,,<##>M0107,,";         // 業務部專員：M0024許伃廷、M0107許紓晴(第2關有多位審核人)
            $ret[3] = "M0060,,";                    // 業務協理
            if ($rate < 75) $ret[4] = "M0006,,";    // 總經理
        }
    }
    mysqli_free_result($res);

    return $ret;
}

/**
 * 汰改(契約)價審簽核順位
 * @param string $rate:破價比
 * @param string $user_id:使用者ID
 * @param string $renovate_flag:REN=M1改
 * @return array
 * 
 */
function pricereview_renovate_class($rate, $user_id, $renovate_flag)
{
    global $link;

    $sql = "select manager from account where accountid = '$user_id'";
    $res = mysqli_query($link, $sql);
    if ($row = mysqli_fetch_assoc($res)) {
        if ($row["manager"] == "M0001") return; // 董事長略過
        if ($row["manager"] != "M0060" && $row["manager"] != "M0006" && $row["manager"] != "M0008") {
            $ret[1] = $row["manager"];
        } else {
            $ret[1] = $user_id;
        }
    }
    mysqli_free_result($res);

    if ($renovate_flag == "REN") {
        if ($rate < 80) $ret[3] = "M0008";  // 詹總
        if ($rate < 60) $ret[4] = "M0006";  // 總經理
    } else {
        // 全汰改
        if ($rate < 80) $ret[3] = "M0008";  // 詹總
        if ($rate < 75) $ret[4] = "M0006";  // 總經理
    }

    return $ret;
}

/**
 * 檢查使用者選單權限
 * 
 * @param string $user_id
 * @param string $token
 * @return string
 */
function check_user_permission($user_id, $token)
{
    global $link;

    // 不檢查清單
    $ignore_url_arr = [
        '/wms/index.php',
        '/wms/notice-index.php',
        '/wms/notice-edit.php',
        '/wms/change-password.php',
        '/wms/wipwhole-change-contractdate.php',
        '/wms/wipwhole-change-planning-customer-name.php',
        '/wms/test.php',
    ];
    if (in_array($_SERVER["SCRIPT_NAME"], $ignore_url_arr)) return;

    $do = "";
    $sql = "select accounttype from account where accountid = '$user_id'";
    $res = mysqli_query($link, $sql);
    if ($row = mysqli_fetch_assoc($res)) {
        if ($row["accounttype"] == "E") $do = 3;    // 管理員
        else {
            $sql2 = "select permission from account_auth where accountid = '$user_id'";
            $res2 = mysqli_query($link, $sql2);
            if ($row2 = mysqli_fetch_assoc($res2)) {
                $arr = json_decode(urldecode($row2["permission"]), true);
                //print_r($arr);
                //echo "#".str_replace("/wms/", "",  $_SERVER["SCRIPT_NAME"]);exit;
                $do = $arr[str_replace("/wms/", "",  $_SERVER["SCRIPT_NAME"])];
            }
            mysqli_free_result($res2);
        }
    }
    mysqli_free_result($res);

    if (!$do) {
        // 判斷是否從藍凌過來
        if (!empty($_GET['employee_no'])) {
            echo "無權限操作，請洽管理員。";
            exit;
        }
        echo "<script>alert('無權限操作，請洽管理員。');if (history.length==1) location.href='/wms/index.php?token=" . $token . "'; else history.go(-1);</script>";
    } else return $do;
}

/**
 * 員工編號對應姓名表
 * @return array
 */
function accountid2name()
{
    global $link;

    $arr = [];
    $sql = "select accountid, name from account where accounttype in ('B','E','M')";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $arr[$row[0]] = $row[1];
    }
    mysqli_free_result($res);

    return $arr;
}

/**
 * 員工信箱
 * @param array $uid 員工編號
 * @return array
 */
function accountid2email($uid)
{
    global $link;

    if (is_array($uid)) $accountid = implode("','", $uid);
    else $accountid = $uid;
    if (empty($accountid)) return;

    $arr = [];
    $sql = "select accountid, email from account where accountid in ('$accountid') and accounttype in ('B','E','M')";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $arr[$row[0]] = $row[1];
    }
    mysqli_free_result($res);

    return $arr;
}

/**
 * 寫入簽核表
 * @param string $flow_id
 * @param string $id:價審單序號
 * @param string $content:卷號
 * @param string|array $user_id:下位簽核者
 * @param string $seq:順序
 */
function do_assign($flow_id, $id, $content, $user_id, $seq = 0)
{
    global $link;

    $tds = date("Y-m-d H:i:s");
    if ($seq == 0) {
        $sql = "select appwms.nextval('form_key') form_key";
        $res = mysqli_query($link, $sql);
        if ($row = mysqli_fetch_row($res)) {
            $form_key = $row[0];
            $sql2 = "insert into flow (system_id, flow_id, form_id, form_key, flow_code) values ('prm', '$flow_id', '$id', '$form_key', 'A')";
            mysqli_query($link, $sql2);
        }
    } else {
        $sql = "select max(form_key) from flow where form_id = '$id' and flow_id = '$flow_id'";
        $res = mysqli_query($link, $sql);
        $row = mysqli_fetch_row($res);
        $form_key = $row[0];
    }
    if (!is_array($user_id)) $user_id_arr[] = $user_id;
    else $user_id_arr = $user_id;
    foreach ($user_id_arr as $uk => $uval) {
        if ($seq == 0) {
            $sql2 = "insert into subflow (form_key, seq, current_assigner, create_date) values ('$form_key', '$seq', '$uval', '$tds')";
            mysqli_query($link, $sql2);
            $sql2 = "insert into assign (form_key, seq, assigner, assign_opinion) values ('$form_key', '$seq', '$uval', '$content')";
            mysqli_query($link, $sql2);
        } else {
            if ($uk == 0) {
                $sql2 = "update subflow set current_assigner = '$uval', update_date = '$tds' where form_key = '$form_key' and seq = '$seq'";
                mysqli_query($link, $sql2);
                $affected = mysqli_affected_rows($link);
                if ($affected == 0) {
                    $sql2 = "update subflow set seq = '$seq', current_assigner = '$uval', update_date = '$tds' where form_key = '$form_key'";
                    mysqli_query($link, $sql2);
                } else {
                    $sql2 = "delete from subflow where form_key = '$form_key' and seq < $seq";
                    mysqli_query($link, $sql2);
                }
            } else {
                $sql2 = "insert into subflow (form_key, seq, current_assigner, update_date) values ('$form_key', ($seq+1), '$uval', '$tds')";
                mysqli_query($link, $sql2);
            }
            $sql2 = "update assign set seq = '$seq', assigner = '$uval' where form_key = '$form_key'";
            mysqli_query($link, $sql2);
        }
    }
}

/**
 * 簽核結案
 * @param string $system_id
 * @param string $flow_id
 * @param string $id:價審單序號
 * @param string $content:卷號
 */
function end_flow($system_id, $flow_id, $id, $content)
{
    global $link;

    $tds = date("Y-m-d H:i:s");
    $sql = "select max(form_key) from flow where form_id = '$id' and system_id = '$system_id' and flow_id = '$flow_id'";
    $res = mysqli_query($link, $sql);
    $row = mysqli_fetch_row($res);
    $form_key = $row[0];
    mysqli_free_result($res);
    if ($form_key) {
        $sql = "update subflow set current_assigner = '00000', update_date = '$tds' where form_key = '$form_key'";
        mysqli_query($link, $sql);
        $sql = "update flow set flow_code = 'Z' where system_id = '$system_id' and flow_id = '$flow_id' and form_id = '$id' and form_key = '$form_key'";
        mysqli_query($link, $sql);
    }
    $sql = "select ekind, person from pricereview_main where id = '$id'";
    $res = mysqli_query($link, $sql);
    if ($row = mysqli_fetch_row($res)) {
        $content = $row[0] . "價格審查結案通知 > " . $content;
        $kind = ($row[0] == "新梯") ? 3 : 4;
        $sql2  = "insert into notice (kind, related_id, title, permission, creater, create_at) values (";
        $sql2 .= "'$kind', '$id', '$content', '$row[1]', 'system', '$tds')";
        $res2 = mysqli_query($link, $sql2);
    }
}


/**
 * 員工編號轉姓名
 * @return array
 */
function accountidToName($accountid)
{
    global $link;

    $name = "";
    $sql = "select name from account where accountid = '$accountid' ";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $name = $row[0];
    }
    mysqli_free_result($res);
    return $name;
}

/**
 * 寫入簽核表 -- 作番大日程 wws
 * @param string $form_id:作番大日程 id
 * @param string $flow_code:簽核狀態
 * @param string $user_id:下位簽核者
 */
function do_wws_assign($user_id, $form_id, $flow_code)
{
    global $link;
    $tds = date("Y-m-d H:i:s");
    $sql = "select appwms.nextval('form_key') form_key";
    $res = mysqli_query($link, $sql);
    if ($row = mysqli_fetch_row($res)) {
        $form_key = $row[0];
        $sql = "insert into flow (system_id, flow_id, form_key, form_id,flow_code) values ('wws', 'wws01', '$form_key', '$form_id','$flow_code');";
        mysqli_query($link, $sql);
        $sql = "insert into subflow (form_key, seq, current_assigner, create_date) values ('$form_key', '1', '$user_id', '$tds');";
        mysqli_query($link, $sql);
    }
}

/**
 * 簽核表下一階段 -- 作番大日程 wws
 * @param string $form_key:簽核表主鍵
 * @param string $flow_code:簽核狀態
 * @param string $user_id:下位簽核者
 */
function do_wws_next_assign($user_id, $form_key, $flow_code)
{
    global $link;
    $tds = date("Y-m-d H:i:s");
    $sql = "
        UPDATE flow SET
            flow_code = '$flow_code'
        WHERE form_key = '$form_key'
    ";
    mysqli_query($link, $sql);
    $sql = "
        UPDATE subflow SET
            current_assigner = '$user_id',
            create_date = '$tds'
        WHERE form_key = '$form_key'
    ";
    mysqli_query($link, $sql);
}

/**
 * 檢查 post 過來的值，若是空值就回傳預設的值(預設null)
 * @param string $post_val:post 過來的值
 * @param string $default_val: 若post值是空值想回傳的值
 */
function postCheck($post_val, $default_val = null)
{
    return empty($_POST[$post_val]) ? $default_val : htmlspecialchars(stripslashes(trim($_POST[$post_val])));
}

/**
 * 寫入簽核表 -- 作番大日程 wws (汰改)
 * @param string $form_id:作番大日程 id
 * @param string $flow_code:簽核狀態
 * @param string $user_id:下位簽核者
 */
function do_wws2_assign($user_id, $form_id, $flow_code)
{

    global $link;
    $tds = date("Y-m-d H:i:s");
    $sql = "select appwms.nextval('form_key') form_key";
    $res = mysqli_query($link, $sql);
    if ($row = mysqli_fetch_row($res)) {
        $form_key = $row[0];
        $sql = "insert into flow (system_id, flow_id, form_key, form_id,flow_code) values ('wws', 'wws02', '$form_key', '$form_id','$flow_code');";
        mysqli_query($link, $sql);
        $sql = "insert into subflow (form_key, seq, current_assigner, create_date) values ('$form_key', '1', '$user_id', '$tds');";
        mysqli_query($link, $sql);
    }
}

/**
 * 員工編號轉部門代碼
 * @return array
 */
function accountidToDepartId($accountid)
{
    global $link;

    $name = "";
    $sql = "select department_id from account where accountid = '$accountid' ";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $name = $row[0];
    }
    mysqli_free_result($res);
    return $name;
}

/**
 * 部門代碼轉部門名稱
 * @return array
 */
function departIdToDepartName($department_id)
{
    global $link;

    $name = "";
    $sql = "select name from department where department_id = '$department_id' ";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $name = $row[0];
    }
    mysqli_free_result($res);
    return $name;
}

/**
 * 員工編號轉職稱id
 * @return array
 */
function accountidToRoleId($accountid)
{
    global $link;
    $name = "";
    $sql = "
        select 
            d.role_id 
        from account AS a
        LEFT JOIN department AS d
        ON a.department_id = d.department_id
        AND a.role_id = d.role_id
        where a.accountid = '$accountid' 
    ";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $name = $row[0];
    }
    mysqli_free_result($res);
    return $name;
}

/**
 * 員工編號轉職稱名稱
 * @return array
 */
function accountidToRoleName($accountid)
{
    global $link;
    $name = "";
    $sql = "
        select 
            d.role 
        from account AS a
        LEFT JOIN department AS d
        ON a.department_id = d.department_id
        AND a.role_id = d.role_id
        where a.accountid = '$accountid' 
    ";
    $res = mysqli_query($link, $sql);
    while ($row = mysqli_fetch_row($res)) {
        $name = $row[0];
    }
    mysqli_free_result($res);
    return $name;
}

/**
 * 組電梯規格名稱
 * @param array $arr:[電梯種類,人乘/載重,停數,開門方式,速度]
 * @return string 規格名,載重
 */
function facility_spec($arr)
{
    if (empty($arr)) return;
    list($kind, $seat, $stop, $op, $speed) = $arr;
    if (strlen($speed) == 1) $speed = str_pad($speed, 2, "0", STR_PAD_LEFT);
    $seat2weight_arr = [
        "A3" => 320, "A8" => 320, "G10" => 320, "G20" => 320, "G5" => 320, "G6" => 320,
        "280-1-A" => 280, "280-1-L" => 280, "280-2-A" => 280, "280-2-L" => 280,
        "320-1-A" => 320, "320-1-L" => 320, "320-2-A" => 320, "320-2-L" => 320,
        "6" => 450, "8" => 550, "9" => 600, "10" => 700, "11" => 750, "12" => 800,
        "13" => 900, "15" => 1000, "17" => 1150, "20" => 1350, "24" => 1600
    ];
    switch ($kind) {
        case "MAQ100":
            $weight = $seat2weight_arr[$seat];
            $ret = $kind . "-" . $weight . "-" . $stop . "-" . $op . $speed;
            break;
        case "MAP100":
            $weight = $seat2weight_arr[$seat];
            $ret = $kind . "-" . $weight . "*" . $stop . "-" . $op . $speed;
            break;
        case "MAM200":
        case "MAH100":
            $weight = $seat2weight_arr[$seat];
            $ret = $kind . "-" . $seat . "*" . $stop . "-" . $op . $speed;
            break;
        case "MAF100":
            $weight = $seat;
            $ret = $kind . "-" . $seat . "*" . $stop . "-" . $op . $speed;
            break;
        case "MAE100":
            $weight = $seat2weight_arr[$seat];
            $ret = $kind . "-" . $seat . "*" . $stop . "-" . $op . $speed;
            break;
        case "M1+M4(2:1)":
        case "M1+M4(1:1)":
        case "M1":
            $weight = $seat2weight_arr[$seat];
            $ret = "P" . $seat . "-" . $seat2weight_arr[$seat] . "-" . $op . "-" . $speed . "-" . $stop;
            break;
        default:
            $weight = $ret = "";
    }
    return $ret . "," . $weight;
}

/**
 * 最新簽核進度
 * @param array $arr:[簽核人1,簽核人2,簽核人3,簽核人4]
 * @return array 進度,下位審批人
 */
function sign_status($arr)
{
    $ret = [];
    foreach ($arr as $k => $sign) {
        $sign_nos = 0;
        $sign_nt_arr = [];
        $sign_arr = explode("<##>", $sign);
        foreach ($sign_arr as $v) {
            if (strlen($v) == 7) {
                $sign_nos++;
                $sign_nt_arr[] = str_replace(",,", "", $v);
            }
        }
        if (count($sign_arr) == $sign_nos) {
            $ret["sign_st"] = $k + 1;
            $ret["sign_nt"] = $sign_nt_arr;
            return $ret;
        }
    }
    if (empty($ret)) {
        $ret["sign_st"] = 99;   // 已審完
        $ret["sign_nt"] = "";
    }
    return $ret;
}

function getAccounttype($link, $user_id)
{
    $sql = "SELECT * FROM account where accountid = '$user_id'";
    $data = mysqli_query($link, $sql);
    $row = mysqli_fetch_array($data, MYSQLI_ASSOC);
    return $row['accounttype'];
}