gary_wms/wms/bargain-record-submit.php

<?php
$accountid= "";
$facilityno= "";
$issue_time= "";
$process= "";
$memo= "";
$creater= "";
$create_at= "";

$accountid_error= "";
$facilityno_error= "";
$issue_time_error= "";
$process_error= "";
$memo_error= "";
$creater_error= "";
$create_at_error= "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    //print_r($_POST);
    //print_r($_FILES);exit;
    foreach ($_POST as $k => $v) {
        $$k = htmlspecialchars(stripslashes(trim($v)));
    }

    $sql = "select max(bargainno) as maxno from bargain";
    $res = mysqli_query($link, $sql);
    $row = mysqli_fetch_row($res);
    $bargainno_check = $row[0] ? $row[0]+1 : date("Ym")."001";
    if ($bargainno_check <> $bargainno) $bargainno = $bargainno_check;

    if ($_FILES["attatch1"]["error"] == 0) {
        $file_name      = $_FILES["attatch1"]["name"];
        $temp_file_name = $_FILES["attatch1"]["tmp_name"];
        $file_size      = $_FILES["attatch1"]["size"];
        $target_dir     = "bargain-uploads/";
        $target_file1   = strtolower($target_dir.$bargainno."-1-".basename($file_name));
        $img_file_type  = pathinfo($file_name, PATHINFO_EXTENSION);
        $upload_ok      = 1;
        //if (file_exists($target_file1)) unlink($target_file1);
        foreach (glob($target_dir.$bargainno."-1-*") as $todelfile) {
            unlink($todelfile);
        }
        $upload_res_1 = move_uploaded_file($temp_file_name, $target_file1);
    } else $target_file1 = "";

    if ($_FILES["attatch2"]["error"] == 0) {
        $file_name      = $_FILES["attatch2"]["name"];
        $temp_file_name = $_FILES["attatch2"]["tmp_name"];
        $file_size      = $_FILES["attatch2"]["size"];
        $target_dir     = "bargain-uploads/";
        $target_file2   = strtolower($target_dir.$bargainno."-2-".basename($file_name));
        $img_file_type  = pathinfo($file_name, PATHINFO_EXTENSION);
        $upload_ok      = 1;
        //if (file_exists($target_file2)) unlink($target_file2);
        foreach (glob($target_dir.$bargainno."-2-*") as $todelfile) {
            unlink($todelfile);
        }
        $upload_res_2 = move_uploaded_file($temp_file_name, $target_file2);
    } else $target_file2 = "";

    if (($target_file1 && !$upload_res_1) || ($target_file2 && !$upload_res_2)) {
        echo "<script type ='text/JavaScript'>";
        echo "alert('檔案上傳失敗，資料請重建。');";
        echo "location.href='bargain-index.php?function_name=bargain&".$token_link."';";
        echo "</script>";
    }

    $db_query  = "insert into bargain (bargainno, department_id, proposer, receiver, response_dt, item, annual, urgent, vendor, prospecting, category, ";
    $db_query .= "dealer, reason, brand, model, quantity, brandkeep, lead_time, margin, margin_day, acceptance, purchase_history, ";
    $db_query .= "attatch1, attatch2, item_description, repairno, category_repair, content, quotation, creater, create_at) values (";
    $db_query .= "'$bargainno', '$department_id', '$proposer', '$receiver', '$response_dt', '$item', '$annual', '$urgent', '$vendor', '$prospecting', '$category', ";
    $db_query .= "'$dealer', '$reason', '$brand', '$model', '$quantity', '$brandkeep', '$lead_time', '$margin', '$margin_day', '$acceptance', '$purchase_history', ";
    $db_query .= "'$target_file1', '$target_file2', '$item_description', '$repairno', '$category_repair', '$content', '$quotation', '$user_id', '$create_at')";
    $result = mysqli_query($link, $db_query);
    $affected = mysqli_affected_rows($link);
    if ($result && $sup_id_all != "") {
        $bid = mysqli_insert_id($link);
        $sup_id_arr = explode(",", $sup_id_all);
        $supplier_arr = explode(",", $supplier_all);
        $quote_amt_be_arr = explode(",", $quote_amt_be_all);
        $note_be_arr = explode(",", $note_be_all);
        $quote_amt_ar_arr = explode(",", $quote_amt_ar_all);
        $note_ar_arr = explode(",", $note_ar_all);
        $item_no = 1;

        for ($i=0; $i<count($supplier_arr); $i++) {
            if (!$sup_id_arr[$i]) $sup_id_arr[$i] = 0;
            if (!$supplier_arr[$i]) continue;

            if ($_FILES["supplier_attatch_be"]["name"][$i] && ($_FILES["supplier_attatch_be"]["error"][$i] == 0)) {
                $file_name      = $_FILES["supplier_attatch_be"]["name"][$i];
                $temp_file_name = $_FILES["supplier_attatch_be"]["tmp_name"][$i];
                $file_size      = $_FILES["supplier_attatch_be"]["size"][$i];
                $target_dir     = "bargain-uploads/supplier/";
                $target_file_be = strtolower($target_dir.$bargainno."-".$item_no."-".basename($file_name));
                $upload_ok      = 1;
                $img_file_type  = pathinfo($target_file_be, PATHINFO_EXTENSION);
                $upload_res_be = move_uploaded_file($temp_file_name, $target_file_be);
            } else $target_file_be = "";
            
            if ($_FILES["supplier_attatch_ar"]["name"][$i] && ($_FILES["supplier_attatch_ar"]["error"][$i] == 0)) {
                $file_name      = $_FILES["supplier_attatch_ar"]["name"][$i];
                $temp_file_name = $_FILES["supplier_attatch_ar"]["tmp_name"][$i];
                $file_size      = $_FILES["supplier_attatch_ar"]["size"][$i];
                $target_dir     = "bargain-uploads/supplier/";
                $target_file_ar = strtolower($target_dir.$bargainno."-".$item_no."-".basename($file_name));
                $upload_ok      = 1;
                $img_file_type  = pathinfo($target_file_ar, PATHINFO_EXTENSION);
                $upload_res_ar = move_uploaded_file($temp_file_name, $target_file_ar);
            } else $target_file_ar = "";

            if (($target_file_be && !$upload_res_be) || ($target_file_ar && !$upload_res_ar)) {
                $sql = "delete from bargain where id = '$bid'";
                mysqli_query($link, $sql);
                $sql = "delete from bargain_supplier where bid = '$bid'";
                mysqli_query($link, $sql);
                echo "<script type ='text/JavaScript'>";
                echo "alert('檔案上傳失敗，資料請重建！".$sql."');";
                echo "location.href='bargain-index.php?function_name=bargain&".$token_link."';";
                echo "</script>";
            }

            $quote_amt_be_arr[$i] = str_replace(",", "", $quote_amt_be_arr[$i]);
            $quote_amt_ar_all[$i] = str_replace(",", "", $quote_amt_ar_all[$i]);
            $db_query  = "insert into bargain_supplier (bid, supplier_id, supplier, supplier_attatch_be, quote_amt_be, note_be, ";
            $db_query .= "supplier_attatch_ar, quote_amt_ar, note_ar, creater, create_at) values (";
            $db_query .= "'$bid', '$item_no', '$supplier_arr[$i]',  '$target_file_be', '$quote_amt_be_arr[$i]', '$note_be_arr[$i]', ";
            $db_query .= "'$target_file_ar', '$quote_amt_ar_arr[$i]', '$note_ar_arr[$i]', '$user_id', '$create_at')";
            $result = mysqli_query($link, $db_query);
            $item_no++;
        }
    }

    mysqli_close($link);
    if ($affected > 0) {
        echo "<script type ='text/JavaScript'>";
        echo "alert('新增成功(申請單號：".$bargainno.")');";
        echo "location.href='bargain-index.php?function_name=bargain&".$token_link."';";
        echo "</script>";
    } elseif ($affected == 0) {
        echo "<script type ='text/JavaScript'>";
        echo "alert('無新增資料');";
        echo "location.href='bargain-index.php?function_name=bargain&".$token_link."';";
        echo "</script>";
    } else {
        echo "{$db_query} 語法執行失敗，錯誤訊息SSS: " . mysqli_error($link);
    }
}
?>