You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
127 lines
4.9 KiB
127 lines
4.9 KiB
<?php
|
|
|
|
require_once('../conn.php');
|
|
date_default_timezone_set("Asia/Taipei");
|
|
|
|
$sign = $_POST['sign'];
|
|
$mid = $_POST['mid'];
|
|
$result = $_POST['result'];
|
|
$reviewcomment = $_POST['reviewcomment'];
|
|
$sign_id = $_POST['currentSignId'];
|
|
$token = $_POST['token'];
|
|
$form_key = $_POST['form_key'];
|
|
$signOff = '';
|
|
if($result == 'YY' ){
|
|
$signOff = 'YY';
|
|
}elseif($result == 'YN'){
|
|
$signOff = 'N';
|
|
}elseif($result == 'YS'){
|
|
$signOff = 'Y';
|
|
}
|
|
try{
|
|
$user_id = $_POST['user_id'];
|
|
|
|
$sign_result = $user_id . "," . $signOff . "," . date("Y-m-d H:i:s");
|
|
|
|
$sql_str = "UPDATE pricereview_sign SET sign" . $sign . "=:sign, sign".$sign."_note = :reviewcomment WHERE mid = :mid AND id = :sign_id";
|
|
$stmt = $conn->prepare($sql_str);
|
|
$stmt->bindParam(':sign', $sign_result);
|
|
$stmt->bindParam(':mid', $mid);
|
|
$stmt->bindParam(':reviewcomment', $reviewcomment);
|
|
$stmt->bindParam(':sign_id', $sign_id);
|
|
$stmt->execute();
|
|
|
|
if($sign == 3){
|
|
$sql_str = "UPDATE pricereview_main SET status=:status, updated_at=:updated_at WHERE id = :id ";
|
|
$stmt = $conn->prepare($sql_str);
|
|
$stmt->bindParam(':status', $result);
|
|
$stmt->bindParam(':id', $mid);
|
|
$stmt->bindParam(':updated_at', $updated_at);
|
|
$stmt->execute();
|
|
}else{
|
|
$sql_str = "UPDATE pricereview_main SET status=:status WHERE id = :id ";
|
|
$stmt = $conn->prepare($sql_str);
|
|
$stmt->bindParam(':status', $result);
|
|
$stmt->bindParam(':id', $mid);
|
|
$stmt->execute();
|
|
}
|
|
|
|
|
|
include_once "./postSystemNotice.php";
|
|
$sql_str = "SELECT * FROM pricereview_main WHERE id = :id ORDER BY id DESC LIMIT 1";
|
|
$stmt = $conn->prepare($sql_str);
|
|
$stmt->bindParam(':id', $mid);
|
|
$stmt->execute();
|
|
$contract = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
$ekind = $contract['ekind'];
|
|
|
|
$sql_str = "SELECT * FROM pricereview_sign WHERE mid = :mid AND id = :sign_id";
|
|
$stmt = $conn->prepare($sql_str);
|
|
$stmt->bindParam(':mid', $mid);
|
|
$stmt->bindParam(':sign_id', $sign_id);
|
|
$stmt->execute();
|
|
$currentsign = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
$permissions = [];
|
|
$content = "";
|
|
$url = "mkt/pricereviewCheck.php?id=" . $mid;
|
|
if($signOff == "YY"){
|
|
if($currentsign['sign1']!=NULL){ $permissions[] = explode(",", $currentsign['sign1'])[0] ; }
|
|
if($currentsign['sign2']!=NULL){ $permissions[] = explode(",", $currentsign['sign2'])[0] ; }
|
|
if($currentsign['sign3']!=NULL){ $permissions[] = explode(",", $currentsign['sign3'])[0] ; }
|
|
if($currentsign['sign4']!=NULL){ $permissions[] = explode(",", $currentsign['sign4'])[0] ; }
|
|
$permissions[] = $contract['person'];
|
|
$title = $ekind . "價審結案通知(".$contract['contractno']."," .$contract['company']. ")";
|
|
$content = "狀態:結案同意<br>";
|
|
$current_assigner = "00000";
|
|
}elseif($signOff == "Y"){
|
|
if($sign == 1 || $sign == 2 || $sign == 3){
|
|
$signer = $currentsign['sign'.($sign+1)];
|
|
if($signer == NULL){
|
|
$signer = $currentsign['sign'.($sign+2)];
|
|
}
|
|
$permissions[] = explode(",", $signer)[0];
|
|
$current_assigner = explode(",", $signer)[0];
|
|
$title = $ekind . "價審待簽通知(".$contract['contractno']."," .$contract['company']. ")";
|
|
$content = "狀態:待簽核<br>";
|
|
}
|
|
}elseif($signOff == "N"){
|
|
$signer = $contract['person'];
|
|
$permissions[] = $signer;
|
|
$title = $ekind . "價審退回通知(".$contract['contractno']."," .$contract['company']. ")";
|
|
$content = "狀態:退回<br>";
|
|
$url = "mkt/pricereviewCreate.php?id=" . $mid;
|
|
$current_assigner = "00000";
|
|
}
|
|
|
|
$kind = 1;
|
|
$related_id = $mid;
|
|
$content .= "合約號:".$contract['contractno'] . "<br>";
|
|
$content .= "客戶名稱:" . $contract['company'] . "<br>";
|
|
$content .= "案件名稱:" . $contract['case_name'] . "<br>";
|
|
$content .= "時間" . date("Y-m-d H:i:s");
|
|
// $content .= "<a href='./mkt/pricreviewCheck.php?id=".$mid.">前往查看</a>";
|
|
$havaread = null;
|
|
$creater = "system";
|
|
$create_at = date("Y-m-d H:i:s");
|
|
sendSystemNotice($kind, $related_id, $title, $content, $havaread, $permissions, $creater, $create_at, $url);
|
|
|
|
//待簽通知
|
|
if($form_key == null){
|
|
$sql_str = "SELECT form_key FROM flow WHERE form_id = :form_id AND system_id = 'prm' AND (flow_id='prm01' OR flow_id='prm02')";
|
|
$stmt = $conn->prepare($sql_str);
|
|
$stmt->bindParam(':form_id', $mid);
|
|
$stmt->execute();
|
|
$form_key = $stmt->fetch(PDO::FETCH_ASSOC)['form_key'];
|
|
}
|
|
include_once "./postFlow.php";
|
|
if($signOff == "YY") $flow_code = "Z";
|
|
if($signOff == "Y") $flow_code = "B";
|
|
if($signOff == "N") $flow_code = "A";
|
|
if($form_key == null){
|
|
throw new PDOException("form_key 不存在!");
|
|
}
|
|
createFlow($mid, $current_assigner, $flow_code, $ekind, $form_key);
|
|
echo 1;
|
|
}catch(PDOException $e){
|
|
echo $e->getMessage();
|
|
}
|
|
|