<?php
include "header.php";
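if (isset($_POST['update'])) {
    /**
     * Normalise one submitted form field: trim, strip slashes, HTML-encode.
     *
     * The HTML-encoded form is what gets written to the database (existing
     * behaviour, kept). This is output encoding, not SQL escaping — every
     * value below still reaches MySQL only through a bound parameter.
     *
     * @param string|null $data Raw POST value (null when the field is absent).
     * @return string
     */
    function user_input($data)
    {
        return htmlspecialchars(stripslashes(trim((string) $data)));
    }

    // Primary key of the row being edited. It is only ever used as a bound
    // parameter and, URL-encoded, in the redirect, so it is deliberately not
    // passed through user_input().
    $id = $_POST['id'] ?? '';

    $accounttype     = user_input($_POST['accounttype'] ?? '');
    $accountid       = user_input($_POST['accountid'] ?? '');
    // NOTE(review): pwd is stored exactly as submitted (after user_input()).
    // Whether hashing happens elsewhere cannot be determined from this file;
    // verify against the login path and prefer password_hash() if it does not.
    $pwd             = user_input($_POST['pwd'] ?? '');
    $name            = user_input($_POST['name'] ?? '');
    $tel             = user_input($_POST['tel'] ?? '');
    $address         = user_input($_POST['address'] ?? '');
    $email           = user_input($_POST['email'] ?? '');
    $lineid          = user_input($_POST['lineid'] ?? '');
    $wechatid        = user_input($_POST['wechatid'] ?? '');
    $phone_call_help = user_input($_POST['phone_call_help'] ?? '');
    $chat_for_help   = user_input($_POST['chat_for_help'] ?? '');
    $remote_help     = user_input($_POST['remote_help'] ?? '');
    $repairerid      = user_input($_POST['repairerid'] ?? '');
    $manager         = user_input($_POST['manager'] ?? '');
    $department_id   = user_input($_POST['department_id'] ?? '');
    $role_id         = user_input($_POST['role_id'] ?? '');
    $creater         = user_input($_POST['creater'] ?? '');
    // NOTE(review): creater/create_at are overwritten on every edit, so they
    // behave as "last modified" rather than "created" — confirm that is intended.
    $create_at       = date('Y-m-d H:i:s');

    // 檢查連接是否成功 ($link is provided by header.php)
    if ($link->connect_errno) {
        echo "連接 MySQL 失敗:" . $link->connect_error;
        exit();
    }

    // 開始事務 — all three UPDATEs below either commit together or are rolled
    // back in the catch block.
    $link->begin_transaction();

    try {
        // Account types that must be tied to a department/role.
        $needs_department = in_array($accounttype, ["B", "E", "M", "W"], true);

        if ($needs_department) {
            // NOTE: empty() also rejects the literal "0"; kept unchanged because
            // the validity of id 0 cannot be determined from this file.
            if (empty($department_id)) {
                $department_id_error = "部門未填寫";
                throw new Exception('部門未填寫');
            }
            if (empty($role_id)) {
                $role_id_error = "職別未填寫";
                throw new Exception('職別未填寫');
            }
        }

        // --- 1. account row -------------------------------------------------
        $sql = "UPDATE account
SET
pwd = ?, name = ?, tel = ?, address = ?, email = ?,
lineid = ?, wechatid = ?,phone_call_help = ?, chat_for_help = ?,remote_help = ?,
repairerid = ?, manager = ?, accounttype = ?, department_id = ?, role_id = ?,
creater = ?, create_at = ?
WHERE id = ?
";
        // mysqli only throws when MYSQLI_REPORT_STRICT is enabled (header.php
        // may or may not do so), so prepare()/execute() results are checked
        // explicitly; a silent failure here would otherwise still reach commit().
        $stmt = $link->prepare($sql);
        if ($stmt === false) {
            throw new Exception('prepare(account) failed: ' . $link->error);
        }
        $stmt->bind_param(
            'ssssssssssssssssss',
            $pwd,
            $name,
            $tel,
            $address,
            $email,
            $lineid,
            $wechatid,
            $phone_call_help,
            $chat_for_help,
            $remote_help,
            $repairerid,
            $manager,
            $accounttype,
            $department_id,
            $role_id,
            $creater,
            $create_at,
            $id
        );
        if (!$stmt->execute()) {
            throw new Exception('execute(account) failed: ' . $stmt->error);
        }
        $stmt->close();

        // --- 2. permission sync from department ----------------------------
        if ($needs_department) {
            // department_id and role_id are user-controlled; they are bound
            // instead of being interpolated into the SQL text.
            $lookup = $link->prepare(
                'select permission from department where department_id = ? and role_id = ?'
            );
            if ($lookup === false) {
                throw new Exception('prepare(department) failed: ' . $link->error);
            }
            $lookup->bind_param('ss', $department_id, $role_id);
            if (!$lookup->execute()) {
                throw new Exception('execute(department) failed: ' . $lookup->error);
            }
            // Buffer the result client-side so another statement can execute
            // while the rows are still being iterated.
            $lookup->store_result();
            $lookup->bind_result($permission);

            // The permission value read from the DB is also bound rather than
            // interpolated; the statement is prepared once and re-executed per row.
            $sync = $link->prepare('UPDATE account_auth SET permission = ? WHERE accountid = ?');
            if ($sync === false) {
                throw new Exception('prepare(account_auth) failed: ' . $link->error);
            }
            // $permission is bound by reference, so each fetch() below updates
            // the value the next execute() sends.
            $sync->bind_param('ss', $permission, $accountid);

            // One UPDATE per matching department row (normally a single row;
            // with several, the last one wins — unchanged behaviour).
            while ($lookup->fetch()) {
                if (!$sync->execute()) {
                    throw new Exception('execute(account_auth) failed: ' . $sync->error);
                }
            }
            $sync->close();
            $lookup->close();
        }

        // --- 3. employee row ----------------------------------------------
        $sql = "UPDATE employee
SET
depart_no = ? ,
name = ? ,
mail = ?
WHERE employee_no = ?
";
        $stmt3 = $link->prepare($sql);
        if ($stmt3 === false) {
            throw new Exception('prepare(employee) failed: ' . $link->error);
        }
        $stmt3->bind_param('ssss', $department_id, $name, $email, $accountid);
        if (!$stmt3->execute()) {
            throw new Exception('execute(employee) failed: ' . $stmt3->error);
        }
        $stmt3->close();

        $link->commit();

        // $token_link is provided by header.php. $id is the raw POST value, so
        // it is URL-encoded before being placed in the query string (the URL is
        // later echoed into a <script> block by redircetTo(), declared further
        // down in this file — unconditional function declarations are hoisted).
        $url = "account-edit.php?function_name=account&id=" . urlencode((string) $id) . "&$token_link";
        redircetTo($url);
    } catch (Exception $e) {
        // Make the abort explicit instead of relying on the implicit rollback
        // that happens when the connection is closed with an open transaction.
        $link->rollback();
        echo 'Caught exception: ', $e->getMessage(), "\n";
    }

    mysqli_close($link);
}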
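/**
 * Emit an inline <script> that shows a success alert and then navigates to $url.
 *
 * The function name's spelling is kept for existing callers.
 *
 * @param string $url Destination. It is emitted as a JavaScript string literal
 *                    produced by json_encode(), so quotes, backslashes and
 *                    "</script>" inside the value cannot terminate the string
 *                    or the script block.
 * @return void
 */
function redircetTo($url)
{
    // JSON_HEX_TAG turns "<"/">" into \u003C/\u003E so a "</script>" in the
    // value cannot close the element; APOS/QUOT make the literal safe even if
    // this output is ever placed in an attribute; UNESCAPED_SLASHES keeps the
    // URL readable; INVALID_UTF8_SUBSTITUTE avoids json_encode() returning
    // false (which would emit "location.href=;") on malformed input.
    $jsUrl = json_encode(
        (string) $url,
        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_UNESCAPED_SLASHES | JSON_INVALID_UTF8_SUBSTITUTE
    );

    echo "<script type='text/JavaScript'>";
    echo "alert('update成功');";
    echo "location.href={$jsUrl};";
    echo "</script>";
}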