gary_wms/mkt/pricereview-facility.php

<?php
/**
 * 取得電梯價目
 * @url /pricereview-facility.php
 * @method POST
 * @return JSON
 * 
 * request
 * {
 *  "fval"
 * }
 * fval : 種類,人乘,停數,速度,數量
 * respons json
 * {
 *  "st" : "ok",
 *  "err" : ""
 * }
 **/

$rarr = array('st' => 'ok', 'err' => '');

try {
    if (empty($_POST) || empty($_POST["fval"])) throw new \Exception("parameter empty");
    //if (empty($_COOKIE["_m"])) throw new \Exception("user empty");

    foreach ($_POST as $k => $v) {
        $$k = htmlspecialchars(stripslashes(trim($v)));
    }

    list($kind, $seat, $numberofstop, $speed, $qty) = explode(",", $fval);
    if (!$kind || !$seat || !$speed) throw new \Exception("parameter empty[2]");

    require_once "database.php";
    $db_query  = "select id, price, model from facility_price where kind = '$kind' and seat = '$seat' and numberofstop = '$numberofstop' ";
    $db_query .= "and speed = '$speed' and status = 'Y'";
    $res = mysqli_query($link, $db_query);
    if ($row = mysqli_fetch_row($res)) {
        $id = $row[0]; 
        $price = $row[1];
        $model = $row[2];
    }
    mysqli_free_result($res);

    if ($id) {
        $rarr["id"] = $id;
        $rarr["amt"] = $price*$qty;
        $rarr["model"] = $model;
        $rarr["group"] = "A";
    } else {
        $rarr['st'] = 'err';
        $rarr['err'] = "無價格";
    }
}catch(\Exception $e) {
    $rarr['st'] = 'err';
    $rarr['err'] = $e->getMessage();
}

echo json_encode($rarr, JSON_UNESCAPED_UNICODE);
?>